Skip to content
QuickToolsLab

Password Generator

Create strong, random passwords with full control over characters and length.

16

About the Password Generator

A strong password is long, random, and unique to each account. This generator produces passwords using your browser's cryptographic random number generator ( window.crypto.getRandomValues), which is the same source used by browser TLS and Web Crypto. That means the passwords are unpredictable to anyone — including us.

Use it whenever you sign up for a new service, rotate a leaked credential, or need a random API key, database password, or shared secret.

How it works

Pick a length (16 characters or more is recommended for general accounts; 24+ for high-value accounts), then choose which character classes to include: lowercase letters, uppercase letters, digits, and symbols. The generator samples uniformly from the selected character pool so every password has maximum entropy for its length.

Copy the result and store it in a password manager — never reuse a generated password across multiple accounts.

Privacy

Passwords are generated in your browser tab using the Web Crypto API. They are never transmitted, logged, or stored. Closing the tab discards them.

Frequently asked questions

How long should my password be?
For everyday accounts, 16 characters with mixed letters, digits, and symbols offers strong protection. For email, banking, and password-manager master passwords, prefer 20 or more characters.
Is this random enough to be cryptographically secure?
Yes. We use window.crypto.getRandomValues, which is required by the Web Crypto specification to be a cryptographically strong pseudo-random number generator (CSPRNG). Math.random() — which many sites still use — is not.
Why exclude symbols on some sites?
Some legacy systems still reject special characters or have unusual length limits. If a site rejects your password, regenerate with symbols disabled and increase the length instead.
Should I use a passphrase instead?
A passphrase (four to six random dictionary words) is easier to type and remember, while a random string is shorter at equivalent strength. Use a random string for anything saved in a password manager, and a passphrase for manually-typed master passwords.
Are the generated passwords stored anywhere?
No. They exist only in your browser tab. Copy the password to your password manager immediately and don't paste it into untrusted apps or websites.

Related tools

Other free utilities that pair well with this one.

Hash Generator
MD5, SHA-1, SHA-256, SHA-512 hashes.
QR Generator
QR codes for URLs, text, Wi-Fi, and vCards.
Random Picker
Random numbers, list picks, and shuffles.