Don's Tools · Security & Privacy · Password Generator

Password generator

Create strong, random passwords and passphrases in your browser, from a secure source, with a live strength meter. Nothing is uploaded.

Password Generator creates strong, random passwords and passphrases entirely in your browser using the Web Crypto secure random source, with nothing uploaded. Choose the length and character types, exclude look-alike characters, require at least one of each type, avoid repeats and sequences, set your own symbol list, or switch to passphrase mode for memorable word based passwords. A live strength meter shows the entropy in bits and an estimated time to crack, and you can generate several at once.

Frequently asked questions

Are the passwords sent anywhere?

No. Every password is created on your device in your browser using the secure Web Crypto random generator. Nothing is sent, stored or logged, and it keeps working even offline once the page has loaded.

Is the randomness actually secure?

Yes. It uses crypto.getRandomValues, your operating system's cryptographic random source, with rejection sampling so every character is equally likely. It does not use the weak Math.random that some generators rely on.

How long should my password be?

Aim for at least 16 characters with several character types for everyday accounts, and 20 or more for important ones. The meter shows the entropy in bits, where 60 plus is strong and 80 plus is very strong.

What is passphrase mode for?

A passphrase is several random words, which is far easier to remember and type than a random string while still being strong, which makes it ideal for a master password. Add a number or symbol if a site insists on them.

What do all the options do?

You can set the length, choose which character types to include, exclude look-alikes such as 0 and O, require at least one of each type, avoid repeats and sequences, start with a letter, set your own symbol list or exclude specific characters, and generate several at once.