Password Generator
Cryptographically secure passwords using crypto.getRandomValues().
About cryptographic security
All passwords are generated using crypto.getRandomValues(), a cryptographically secure random number generator built into browsers. No passwords are sent to any server.
Secure random password generator: create strong passwords with custom length and character sets
Weak and reused passwords remain one of the leading causes of account compromises. A strong password is long, random, and unique to each account: exactly what this tool produces. Using the browser's built-in cryptographically secure random API, every password generated is genuinely unpredictable.
Customise length from 8 to 64 characters, mix and match character sets, and exclude visually ambiguous characters for passwords that need to be read aloud. Generate instantly, copy to clipboard, and store in a password manager: the entire process takes under ten seconds.
How to use: step by step
- 1Set the password length
Drag the length slider or type a value. Longer passwords are exponentially harder to crack: 16+ characters is recommended for most accounts. - 2Choose character sets
Enable or disable uppercase letters, lowercase letters, numbers, and symbols to match the requirements of your target service. - 3Exclude ambiguous characters
Toggle the option to exclude visually similar characters like 0/O and 1/l/I: helpful for passwords that may be read aloud or typed manually. - 4Generate
Click Generate to produce a cryptographically random password. Generate as many times as you like until you find one that suits you. - 5Copy and save
Click Copy to copy the password, then store it immediately in a password manager such as Bitwarden, 1Password, or KeePass.
Related Tools
UUID / GUID Generator
Generate v1, v3, v4, or v5 UUIDs in bulk with multiple format options.
QR Code Creator
Create QR codes for URLs, plain text, or WiFi credentials with live preview.
Lorem Ipsum Generator
Generate classic lorem ipsum placeholder text by words, sentences, or paragraphs.
Barcode Generator
Generate CODE128, EAN-13, UPC-A, CODE39 barcodes and more. Download as SVG or PNG.
Frequently Asked Questions
- How strong is a generated password?
- Strength depends on length and character variety. A 16-character password using uppercase, lowercase, digits, and symbols has over 85 bits of entropy: far beyond the reach of brute-force attacks with current hardware.
- Is the password generation truly random?
- Yes. Passwords are generated using the browser's cryptographically secure random number generator (window.crypto.getRandomValues), the same API used in security-sensitive applications.
- Is my generated password sent to a server?
- No. All generation happens entirely in your browser. The password never leaves your device.
- What is the recommended password length?
- Security experts recommend at least 12 characters for regular accounts, 16+ for important accounts (email, banking), and 20+ for high-value targets. Longer is always better if the service supports it.
- Why should I use a password manager?
- A password manager lets you use a unique, complex password for every account without memorising them. Reusing passwords is one of the biggest security risks: if one site is breached, all your accounts become vulnerable.
- What characters count as symbols?
- The symbol set typically includes !, @, #, $, %, ^, &, *, (, ), -, _, +, =, [, ], {, }, ;, :, ', ", ,, ., <, >, ?, /, \, |, and ~. Some services restrict certain symbols: disable them with the character set toggles.
- What does excluding ambiguous characters do?
- Ambiguous characters are pairs that look similar in certain fonts: 0 (zero) and O (uppercase O), 1 (one) and l (lowercase L) and I (uppercase i). Excluding them reduces confusion if the password needs to be read from a screen or printed.
- Should my password contain dictionary words?
- Generally no: dictionary words are vulnerable to dictionary attacks even when combined. The random generator avoids real words entirely, which is the most secure approach for high-entropy passwords.
- Can I generate multiple passwords at once?
- Click Generate repeatedly to produce different passwords. Each click produces an independent, cryptographically random result.
- What is two-factor authentication and should I use it alongside a strong password?
- Two-factor authentication (2FA) requires a second proof of identity (like a phone app code) in addition to your password. Combining a strong unique password with 2FA provides significantly stronger account protection.
AlteredIdea vs alternatives
vs command-line tools: No terminal needed. Works in any browser on any device.
vs paid generator tools: Completely free, no account required, no rate limits.
vs library functions: Instant results: no coding needed. Just click and copy.