Password Generator
Create strong random passwords right in your browser with adjustable length and character sets.
How are they generated?
Passwords use the browser's standard crypto API (crypto.getRandomValues) to produce hard-to-predict random strings. Choose the length (4–64) and whether to include uppercase, lowercase, numbers, and symbols; at least one character from each selected set is included.
When to use it
- New accounts: instantly create a strong, unique password per site.
- Rotation: reissue a password for an account you're worried was exposed.
- Temporary values: generate random strings for API-key candidates or one-time tokens.
Tips for staying safe
- Longer is safer. Use at least 12 characters, ideally 16 or more.
- Don't reuse passwords; use a different one per site and consider a password manager.
- Don't leave generated passwords in plain text in chats or notes.
Passwords are generated with your browser's cryptographic random generator (Web Crypto) and are never sent to or stored on a server. Nothing is recorded, so use them safely.
Read the Privacy Policy →Frequently asked questions
Are generated passwords sent to a server?
No. Passwords are created entirely in your browser using a cryptographic random generator and are never sent to or stored on a server. They disappear on reload.
How long should a password be?
12+ characters is generally recommended; for important accounts use 16+ with uppercase, lowercase, numbers, and symbols. Longer passwords resist brute-force attacks better.
Is it truly random?
Yes. It uses the browser's cryptographic random generator (Web Crypto API), not a predictable function like Math.random, and picks characters without bias.