100% client-side — verify in your network tab

Random Password Generator

Strong random passwords with full control over length and character sets.

$ pwgen -s 20 1

What makes a password strong?

Length beats cleverness. Every extra character multiplies the number of possible passwords, so a 20-character random password from the full 94-character set carries about 131 bits of entropy — far beyond what any brute-force attack can search. Substituting a with @ in a dictionary word, on the other hand, adds almost nothing: cracking tools try those substitutions first.

How this generator works

Characters are drawn with crypto.getRandomValues(), the cryptographically secure random number generator built into your browser — never Math.random(). The generator uses rejection sampling, so every character in the selected set is exactly equally likely (no modulo bias). Generation happens entirely on your device: open your browser's network tab and you'll see that no generated value ever leaves the page.

Practical advice

Use a password manager and give every account its own random password — the one case where you should prefer a passphrase is the handful of secrets you must type from memory, like the password manager's master password. The "no ambiguous characters" option removes 0/O and 1/l/I, which helps when a password has to be read aloud or retyped from paper.

Nothing leaves your browser

More free generators