TechCompare LogoTechCompare
← Back to Home

Password Generator

Generate secure passwords.

Configuration

16
...
Select at least one character type
Strength
Strong
Entropy
104 bits
Time to Crack
3.22e+3 billion years

Estimate based on 100 billion attempts/sec (modern GPU using bcrypt/SHA-256). Actual time varies with hardware and algorithm.

About this tool

The Password Generator produces cryptographically random passwords of any length, with customisable character classes including uppercase, lowercase, numbers, and symbols. It runs entirely in your browser. Every character is drawn from the browser's native crypto.getRandomValues() API, which is the same CSPRNG source used by TLS handshakes and Web Crypto key generation. That means the outputs are suitable for real secrets, not just demo data.

Use it to create master passwords for a password manager, one-off tokens for development, seed values for environment variables, or fresh recovery codes. Because nothing leaves your machine, it's safe to use on shared networks, work laptops with strict DLP policies, or air-gapped environments where external password-generator services aren't an option.

How it works

Random bytes are pulled from crypto.getRandomValues() and mapped to a character set you select. Longer passwords with more character classes have exponentially more possible values, measured in bits of entropy: 16 characters from a 90-character alphabet gives about 104 bits of entropy, well beyond brute-force reach for today's hardware.

When to use it

Any time you need a new credential: a new account, an API key for a script, a recovery passphrase, or a one-off token for a test environment. Pair with the Encoding Converter if you need the password Base64-encoded for an environment file, and the JSON Formatter when embedding credentials into a structured config.

Frequently asked questions

How long should a secure password be?
16 characters or more, drawn from uppercase, lowercase, numbers, and symbols. A 16-character mixed password is currently impractical to brute-force with commodity hardware, while 8-character ones can be cracked in hours by modern GPUs.
Is the generated password actually random?
Yes. The generator uses the browser's crypto.getRandomValues(), a cryptographically secure random source backed by OS entropy. The output is suitable for production password managers, API keys, and seed phrases.
Is my password saved anywhere?
No. The entire generator runs in your browser, with no network requests, no logging, and nothing stored. Close the tab and the password is gone from memory. Check your browser's Network tab to verify there are no outbound calls when a new password is generated.
What's the difference between a passphrase and a password?
A passphrase is a string of dictionary words (like "correct-horse-battery-staple"), long but memorable. A password is usually shorter with mixed character classes (like "Kx9$mQ2!pR"). Passphrases are typically stronger per character of memory effort; this tool generates both styles.
Should I use the same password everywhere?
Never. Use a password manager (Bitwarden, 1Password, Apple Passwords) and generate a unique strong password for every site. Password reuse is the single biggest cause of account takeover. One breached service leaks the credential, and every other account using it is automatically compromised.
How often should I change my passwords?
Modern guidance (NIST SP 800-63B) says don't rotate strong unique passwords on a schedule. Only change them if you suspect compromise. Forced rotation encourages weak, incremented passwords. Strong password + password manager + 2FA is safer than any rotation policy.

Related tools

Text Encoding Converter

Convert between Text, Base64, Binary, Hexadecimal, and Decimal formats.

Use tool ➜

Unix Timestamp

Convert between Unix timestamps and human-readable dates.

Use tool ➜

JSON Formatter

Validate, format, and minify JSON data with syntax highlighting.

Use tool ➜

Contrast Checker

Check color contrast ratios for WCAG AA/AAA accessibility compliance.

Use tool ➜