Password Generator
Generate secure random passwords with configurable length and character types.
About This Tool
Password Generator is a free online tool that creates strong, random passwords using the browser's Web Crypto API — the same cryptographically secure random source used by professional security tools. Choose your length (8–128 characters) and toggle character sets (uppercase, lowercase, numbers, symbols) to meet any security policy. Nothing is sent to any server.
The randomness comes from crypto.getRandomValues(), which uses the operating system's CSRNG (Cryptographically Secure Random Number Generator). This is fundamentally different from JavaScript's Math.random(), which is predictable and should never be used for security purposes. A visual strength meter updates in real time as you configure your options.
Password Generator is used by IT administrators creating service account credentials, developers generating API keys and tokens, individuals setting up new account passwords they will store in a password manager, and security auditors testing password policy compliance.
5KtzN1VkoDQ,}&2oHow to Use
- 1
Set the desired password length using the slider.
- 2
Toggle the character types you want: uppercase, lowercase, numbers, and/or symbols.
- 3
Click Generate to create a new password, then copy it to your clipboard.
- 4
Check the strength indicator — aim for 'Strong' or 'Very Strong' for important accounts.
- 5
Store the password immediately in a password manager (e.g., 1Password, Bitwarden, LastPass).
Features
Cryptographically Secure
Passwords are generated using the Web Crypto API's getRandomValues for true randomness.
Configurable Character Sets
Include or exclude uppercase letters, lowercase letters, numbers, and special symbols.
Adjustable Length
Choose password length from 8 to 128 characters to meet any security requirement.
Strength Indicator
A visual strength meter shows how strong your generated password is.
Common use cases
- ›Generate strong random passwords for new online accounts before storing in a password manager.
- ›Create complex service account or system passwords for servers, databases, and cloud services.
- ›Generate API keys, secret tokens, or symmetric encryption keys for application security.
- ›Produce compliant passwords that meet specific corporate or regulatory password policies.
Read our guide
Password Generator — Complete Guide →FAQ
How are passwords generated?
Using the Web Crypto API (crypto.getRandomValues) for cryptographically secure random generation.
What makes a strong password?
Use at least 16 characters with a mix of uppercase, lowercase, numbers, and symbols.
Is it safe to generate passwords in the browser?
Yes. The Web Crypto API's getRandomValues uses the operating system's cryptographically secure random number generator (CSRNG), the same source used by professional security tools.
Are generated passwords stored anywhere?
No. Passwords are generated in your browser's memory and never sent to any server. They are not logged or stored anywhere.
What length should I use for different purposes?
For online accounts: 16–20 characters minimum. For encryption keys or master passwords: 20–32 characters. For PINs or simple passcodes where length is fixed: use all available character types within the constraint.