Password & Key Generator
Generate secure random passwords, API keys, and tokens
Password Presets
Pre-configured password settings for different security levels. Click "Quick Run" to generate with preset settings:
pin
4 chars • Numbers
simple
8 chars • Numbers • Upper
secure
16 chars • Symbols • Numbers • Upper
apiKey
32 chars • Numbers • Upper
Why Use a Password Generator? How Does it Work?
Strong, unique passwords are essential for security. This tool uses cryptographically secure random number generation via the Web Crypto API (crypto.getRandomValues) to create passwords that are virtually impossible to guess or crack through brute force. The implementation supports both random character generation and passphrase-based methods.
Technical Implementation
- Uses crypto.getRandomValues() for cryptographically secure randomness
- Builds character pools dynamically based on user preferences
- Optional ambiguous character exclusion (0, O, 1, l, I for better readability)
- Uniform distribution ensures each character position is equally likely
- Supports length from 4 to 64 characters with various character types
- Dictionary-based selection from 100+ common English words
- Each word adds approximately 6.6 bits of entropy
- Optional capitalization and number/symbol addition
- Customizable separators (hyphen, underscore, space, etc.)
- Word count range: 3-8 words for different security levels
Key Features
Cryptographically Secure
Uses Web Crypto API for true randomness
Multiple Modes
Random passwords and passphrases
Passphrase Support
Easy-to-remember word combinations
Bulk Generation
Generate multiple passwords at once
Best Practices & Usage Boundaries
- Use a unique password for every account✅ Critical - Prevents credential stuffing attacks across multiple services
- Make passwords at least 12-16 characters long✅ Recommended - 16+ characters for high-value accounts (banking, email)
- Include uppercase, lowercase, numbers, and symbols✅ Important - Increases entropy and resists dictionary attacks
- Store passwords in a secure password manager✅ Essential - Never reuse passwords or write them down unsecured
- Enable two-factor authentication when available✅ Strongly recommended - Adds critical second layer of security
Frequently Asked Questions
Is this password generator secure?
Yes! We use the Web Crypto API (crypto.getRandomValues) which provides cryptographically secure random numbers. All generation happens locally in your browser.
Are my passwords stored anywhere?
No. Generated passwords exist only in your browser and are never sent to any server. Once you close the page, they're gone unless you save them.
What makes a strong password?
A strong password is long (16+ characters), uses a mix of character types, is unique to each account, and is random (not based on dictionary words or personal info).
Related Tools & Guides
Discover more tools and guides to help you with your development workflow