Strong Password Generator
Random passwords, passphrases, and pronounceable passwords with live entropy and time-to-crack. Everything runs in your browser — nothing leaves the page.
Privacy note
All passwords are generated locally in your browser using the Web Crypto API (crypto.getRandomValues). Nothing is transmitted, logged, or stored. Copying triggers a 30-second auto-clear so a generated password doesn't linger on screen.
Password entropy explained
Entropy, measured in bits, is how cryptographers quantify password strength: it is log2 of the number of equally likely values the generator could have produced. For a password whose every position is drawn independently and uniformly from the same set, the formula is straightforward: entropy = length × log2(charset size). A 12-character password over the 26-letter lowercase alphabet has 12 × log2(26) ≈ 56 bits; the same length drawn from the full 94-character printable ASCII set has 12 × log2(94) ≈ 79 bits. The formula only holds for uniformly random choices: a human-chosen string of the same length has far fewer bits, because its characters are predictable. Each extra bit doubles the space an attacker has to search, so the relationship between bits and effort is exponential: moving from 50 bits to 70 bits is not 40% harder, it is 2^20 (over a million) times harder. As a working scale: under 40 bits is weak (cracked by a laptop in seconds to hours), 40–60 bits is fair (resistant to casual attackers but not sophisticated ones), 60–80 bits is strong (safe against ordinary offline attacks for years), and above 80 bits is very strong, beyond the reach of any attacker not running a multi-billion-dollar facility.
Passphrases vs passwords: which is more secure?
The famous xkcd cartoon “correct horse battery staple” got the maths right. Four random words from a list of 7,776 (the EFF large wordlist) give you 4 × log2(7776) ≈ 52 bits; five words ≈ 65 bits; six ≈ 78 bits, comparable to a 12-character random ASCII password and dramatically easier to type and remember. The entropy comes from the number of words and the size of the list, not from how long the words are; a separator or capitalisation you apply the same way every time adds nothing. The catch: the words must be chosen randomly by a computer, not by you. A human picking “cat dog blue tree” off the top of their head has nowhere near the same entropy, because humans cluster on common words and predictable themes. The generator on this page uses crypto.getRandomValues to pick each word uniformly, so the entropy figure shown is the real one. For a vault master password, something you must actually memorise, a 6-word random passphrase is almost always the right choice. For everything else, let your password manager generate a 20+ character random string and never look at it.
How to actually use a strong password
The honest truth: memorising more than two or three strong passwords is hopeless, and reusing one across sites is the single largest cause of personal account breaches. Use a password manager: 1Password, Bitwarden, Apple Passwords, or the browser's built-in vault are all fine. Generate a unique 20+ character random password for every account and let the manager autofill them. Memorise exactly two passphrases: one for the manager itself and one for your primary email (because email is the recovery channel for everything else). Enable two-factor authentication on those two accounts, ideally with a phishing-resistant method such as a security key or passkey. Everything else can be a string of nonsense you've never seen and never will. The strength of an individual password matters far less than this overall pattern; an 80-bit password reused across fifty sites is weaker, in practice, than a 60-bit unique password per site, because one breach takes down the lot.
What makes a password “crackable” in seconds
Brute force is rarely how passwords actually fall: attackers don't enumerate every 8-character ASCII string, they start with what works. Dictionary attacks try the top 10,000 most common passwords in seconds; if your password is “summer2024” or “qwerty123”, no length will save you because the candidate is already in the list. Rule-based cracking takes that dictionary and applies transformations (capitalise the first letter, append a digit or a year, swap o→0), covering an enormous space of human-typical patterns at billions of guesses per second. Rainbow tables are precomputed lookups for unsalted hashes, making weak passwords in a leaked database instantly reversible (a per-user salt defeats them). Credential stuffing uses lists of leaked username/password pairs from one site against thousands of others, and works whenever a password is reused. The defence against all of this is the same: a long, genuinely random string that doesn't resemble a word, a date, or a pattern, used in exactly one place. The time-to-crack estimate above assumes pure brute force at 1 trillion guesses per second, a conservative figure for a modern offline attack against a fast hash such as MD5 or NTLM; remember that an exhaustive search succeeds, on average, halfway through the space. Against a proper slow hash like bcrypt or Argon2, real attackers manage thousands of guesses per second instead, and an 80-bit random password effectively becomes uncrackable on any human time-scale.
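To make the "already in the list" point concrete, here is an added example (not code from this page) that simulates a tiny rule-based attack: a constructed five-word dictionary, a few hashcat-style mangling rules and common suffixes, and a count of how many guesses it takes to reach a given password. It also contrasts the naive entropy a strength meter would assign from length and character classes with the effective entropy once the attacker's ordering is known, and computes the expected brute-force time at the two guess rates mentioned above. The dictionary, rules and function names are this example's own assumptions.

```javascript
// Added example. Constructed mini-dictionary standing in for a real
// "top 10,000" list; the rules imitate the kind hashcat and John apply.
const SAMPLE_DICTIONARY = ['summer', 'qwerty', 'password', 'welcome', 'dragon'];
const SUFFIXES = ['', '1', '123', '!', '2023', '2024'];

const RULES = [
  w => w,                                               // as-is
  w => w[0].toUpperCase() + w.slice(1),                 // capitalise first letter
  w => w.toUpperCase(),                                 // all caps
  w => w.replace(/o/g, '0').replace(/a/g, '@')
        .replace(/e/g, '3').replace(/s/g, '$'),         // leetspeak swaps
];

// Candidate stream in the order a cracker would try it: word × rule × suffix.
function* candidates(words = SAMPLE_DICTIONARY, rules = RULES, suffixes = SUFFIXES) {
  for (const w of words) {
    for (const rule of rules) {
      const base = rule(w);
      for (const s of suffixes) yield base + s;
    }
  }
}

// Number of guesses until `target` is produced, or -1 if the rules never reach it.
function guessesToFind(target, words = SAMPLE_DICTIONARY) {
  let n = 0;
  for (const c of candidates(words)) {
    n++;
    if (c === target) return n;
  }
  return -1;
}

// Entropy a naive strength meter assigns: length × log2(size of the classes used).
function naiveEntropyBits(pw) {
  let size = 0;
  if (/[a-z]/.test(pw)) size += 26;
  if (/[A-Z]/.test(pw)) size += 26;
  if (/[0-9]/.test(pw)) size += 10;
  if (/[^a-zA-Z0-9]/.test(pw)) size += 32;   // the remaining printable ASCII symbols
  return pw.length * Math.log2(size);
}

// Effective entropy against this attacker: log2 of the guess at which the
// password falls. null means the rule set never produces it (it survives
// this attack, which says nothing about brute force).
function effectiveBits(target, words = SAMPLE_DICTIONARY) {
  const rank = guessesToFind(target, words);
  return rank < 0 ? null : Math.log2(rank);
}

// Expected time to brute-force a uniformly random secret of `bits` bits:
// on average half the space is searched before the hit.
function secondsToCrack(bits, guessesPerSecond) {
  return 2 ** (bits - 1) / guessesPerSecond;
}

// Usage
for (const pw of ['summer2024', 'Summer2024', 'qwerty123', 'p@$$w0rd']) {
  console.log(pw, 'naive bits', naiveEntropyBits(pw).toFixed(1),
              'found at guess', guessesToFind(pw), 'effective bits', effectiveBits(pw).toFixed(1));
}
console.log('40 bits, fast hash, 1e12/s:', secondsToCrack(40, 1e12), 's');
console.log('80 bits, fast hash, 1e12/s:', secondsToCrack(80, 1e12) / 3.15e7, 'years');
console.log('60 bits, bcrypt-class, 1e4/s:', secondsToCrack(60, 1e4) / 3.15e7, 'years');
```

“summer2024” scores about 52 bits on the naive length-times-classes scale yet falls on the sixth guess here (under 3 effective bits), because the attacker tries the dictionary word with a year appended before anything else. The brute-force figures are the ones the scale in the entropy section rests on: under a second for 40 bits at 1 trillion guesses per second, tens of thousands of years for 80 bits at the same rate, and millions of years for even 60 bits once a slow hash cuts the rate to thousands per second.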