Password Generator

No. Every password is generated entirely in your browser using your device's built-in cryptographic random number generator. No passwords are ever sent to our servers, stored in any database, or logged in any analytics. You can verify this by disconnecting from the internet — the tool works fully offline.

We use crypto.getRandomValues(), a cryptographically secure pseudo-random number generator (CSPRNG) built into every modern browser. This is the same quality of randomness used by encryption software and operating systems — far superior to Math.random(), which is predictable and should never be used for security.

Use 12 characters minimum for general accounts, 16+ for important accounts (email, banking, cloud services), and 20+ for high-value targets (admin accounts, crypto wallets, infrastructure). With all character types enabled, a 16-character password has about 105 bits of entropy — effectively unbreakable by brute force.

Both can produce strong passwords. Random strings with symbols are shorter but harder to type and remember; passphrases are longer but easier to memorize. With the bundled EFF Large Wordlist (7,776 words) each word adds ~12.9 bits, so a 4-word passphrase reaches ~51 bits and 6 words reaches ~77 bits. If your password manager handles typing, random strings with symbols are more space-efficient.

Switch to Passphrase mode. It generates a sequence of random English words (e.g. "marble-forest-candle-echo") that is far easier to remember than a random string. Use at least 4 words for basic security and 6 words for important accounts. You can visualize a story connecting the words to aid memory.

The "Exclude ambiguous characters" option removes characters that look alike in many fonts: 0 (zero) vs O, 1 (one) vs l vs I, and 5 vs S. This is helpful when you need to manually type a password on a device without paste (ATMs, game consoles, shared terminals). It is off by default to maximize entropy.

Yes. Once the page is loaded, it works entirely offline. All password generation, strength calculation, and copying happen in your browser with no server communication. You can disconnect from the internet and continue generating passwords — try it to verify.

You can inspect the page source in your browser (right-click → View Page Source) to see that all generation logic runs client-side. Open your browser's Developer Tools → Network tab and confirm zero requests are made when you generate or copy passwords. You can also disconnect from the internet to verify full offline operation.

Entropy measures how unpredictable a password is, expressed in bits. The formula is bits = length × log2(charset size). For example, a 16-character password from 95 possible characters has about 105 bits of entropy, meaning an attacker would need roughly 2^105 guesses to crack it by brute force. For passphrases it is word count × log2(wordlist size); with the bundled EFF Large Wordlist of 7,776 words, 6 words land at about 77 bits. Strength labels: Weak (<40 bits), Fair (40–59), Strong (60–79), Very Strong (80+).

Enable Bulk generation at the bottom of the tool. Set a count (1–100) and click "Generate Bulk." You can copy individual passwords, copy all at once, or download the full list as a TXT or CSV file. Bulk mode works with both random string and passphrase modes.