Password Generator
What the password generator does
It builds a random password from the character sets you choose — uppercase and lowercase letters, digits, and symbols — using crypto.getRandomValues, the same source of secure randomness browsers use for cryptographic keys. Because the randomness is unbiased, every character is equally likely, so the result is genuinely hard to predict rather than following a guessable pattern.
How to choose a strong password
Length is the single biggest factor: a longer password is exponentially harder to crack, so prefer 16 characters or more wherever the site allows it. Including all four character sets widens the pool each character is drawn from, which the strength meter reflects. For a password you will type by hand rather than paste, turn on “exclude ambiguous characters” so you never have to guess whether you are looking at a one or a lowercase L.
Use a different password for every account, and store them in a password manager rather than reusing one you can remember — reuse is what turns a single breach into many.
Is it safe to generate a password in the browser?
Yes. Nothing is uploaded, logged, or saved: the password is created in your browser tab and exists only there until you copy it or close the page. There is no network request involved in generating it, which you can confirm in your browser’s network tab.
Frequently asked questions
Are the passwords really random and safe to use?
Yes. They are generated with your browser’s built-in cryptographic random generator (crypto.getRandomValues) — the same kind of randomness used for security keys — and the generation happens entirely on your device.
Is my password sent anywhere?
No. Nothing is uploaded, logged, or stored. The password exists only in your browser tab until you copy it or close the page.
What makes a strong password?
Length matters most: aim for at least 16 characters and include a mix of uppercase, lowercase, numbers, and symbols. The built-in strength meter estimates this for you as you change the options.
What does “exclude ambiguous characters” do?
It leaves out look-alike characters such as l, 1, I, O, and 0 so the password is easier to read and type by hand — useful when you have to enter it manually.