Secure Password Generator

Password Length

Uppercase Letters (A-Z)

Lowercase Letters (a-z)

Numbers (0-9)

Symbols (!@#$...)

Exclude Ambiguous (0OoIl1)

Generated Password

—

Strength

—

Entropy

—

bits

Formula: Entropy (bits) = length x log2(character set size)

Password Generator

Strong passwords are the first line of defense against unauthorized access. A randomly generated password from a large character set is orders of magnitude harder to crack than any human-chosen password.

Conversion Formula

Entropy (bits) = length x log2(character set size)

Entropy = length x log2(pool size). A pool of 94 printable characters gives log2(94) ≈ 6.55 bits per character. 16 characters = ~105 bits of entropy.

Step-by-Step Examples

Length 16, all types = ~105 bits (Very Strong)

The gold standard for most accounts

Length 8, letters+numbers only = ~47 bits (Fair)

Common but borderline - upgrade to 12+

History

Password requirements were first formalized by NIST in 2003. NIST SP 800-63B (2017) reversed many older rules - length now matters far more than forced complexity.

Common Use Cases

Account registration
Database credentials
API keys and tokens
Encryption passphrases
Wi-Fi passwords

Frequently Asked Questions

What makes a password strong?

Length and character variety. A 16-character password using uppercase, lowercase, numbers, and symbols has over 100 bits of entropy - far beyond what can be brute-forced.

What is password entropy?

Entropy measures unpredictability in bits. Each bit doubles the number of guesses needed. 60 bits means 2^60 (about 1 quintillion) possible passwords.

Should I use a memorable password or a random one?

Random passwords are always stronger. Use a password manager (Bitwarden, 1Password, KeePass) to store them so you never need to memorize them.

Is it safe to generate passwords here?

Yes. Generation happens entirely in your browser using JavaScript. No password is ever sent to a server or stored anywhere.