D

Password Generator

Generate strong random passwords with configurable length, charset, and an entropy meter.

Runs 100% in your browser — nothing is uploaded

About this tool

The Password Generator creates cryptographically random passwords using the browser's crypto.getRandomValues API — the same entropy source used by operating systems for key generation. You control length (8–128 characters), character sets (uppercase, lowercase, digits, symbols), and can exclude ambiguous characters like 0/O/l/I.

The tool shows an entropy meter: password entropy in bits measures how hard a password is to brute-force. A 16-character password with all character sets has approximately 105 bits of entropy — at one trillion guesses per second, cracking it would take longer than the age of the universe. The meter color-codes strength: red (< 40 bits), orange (40–60 bits), yellow (60–80 bits), green (80+ bits).

No password is ever sent to a server. The entire generation and entropy calculation runs in your browser. Common uses: generating site passwords, API keys, secret tokens, or seed phrases for testing. The Copy button copies the password to your clipboard; clicking Generate creates a new one instantly.

Frequently asked questions

Is this generator truly random?
Yes. It uses crypto.getRandomValues, the browser's cryptographically secure pseudorandom number generator (CSPRNG), seeded by the operating system's entropy pool. This is the same source used for TLS key material and is considered cryptographically secure.
What does entropy mean for passwords?
Entropy in bits measures the unpredictability of a password. Each bit doubles the number of guesses needed to crack it. 40 bits = 1 trillion guesses; 80 bits = 2^80 guesses. Higher entropy means a stronger password.
Should I use a passphrase instead?
Passphrases (e.g. "correct horse battery staple") can achieve high entropy while being memorable. For passwords you need to type manually, a passphrase is often better. For passwords stored in a manager, a long random string is equally good.
Does excluding ambiguous characters make passwords weaker?
Slightly — it reduces the character set size, lowering entropy by a small amount. For a 16-character password, the impact is negligible. Excluding l, 1, O, 0 is a good usability tradeoff for passwords you might need to read aloud.

Related tools

UUID Generator

Generate UUID v1, v4, and v7 identifiers in bulk — using crypto-random browser APIs.

Random String Generator

Generate random strings with custom charsets and presets for API keys, tokens, and PINs.

Bcrypt Hash & Verify

Hash passwords with bcrypt and verify hashes — using bcryptjs, entirely in your browser.

SHA Hash Generator

Generate SHA-1, SHA-256, SHA-384, and SHA-512 hashes using browser-native Web Crypto.