Password Generator
Strong random passwords generated with your browser's cryptographic randomness — never sent anywhere, not even to us.
What makes a password strong
Only two things: length and true randomness. Every added character multiplies the search space; every human "pattern" (words, dates, keyboard walks, s@bstitutions) collapses it. Modern cracking rigs test billions of guesses per second against stolen password databases — but a random 16-character mixed password has ~1031 combinations, putting it beyond any practical attack.
The rules that actually matter
- Unique per site. Reuse is the #1 cause of account takeovers: one breached site unlocks the rest ("credential stuffing"). A password manager makes uniqueness effortless.
- 16+ characters for anything important; 12 is the bare floor.
- Turn on two-factor authentication for email and banking — it saves you even when a password leaks.
- Your email account outranks everything — it can reset all other passwords. Give it your strongest protection.
Random string vs. passphrase
Both work when random: "correct horse battery staple"-style passphrases (4–5 truly random words) are easier to type on a TV or memorize for a master password; random strings are denser (shorter for the same strength) and belong in a password manager. Use passphrases for the few you must remember, generated strings for everything else.