Password Generator

Never. Everything runs in your browser. No passwords, no settings, and no data of any kind leave your device. You can even disconnect from the internet after the page loads and keep generating passwords offline.

Security experts recommend at least 16 characters for general accounts, and 20+ for sensitive ones like email or banking. Longer passwords are exponentially harder to crack — each extra character multiplies the search space by the entire character set size. A 20-character password with full character sets has roughly 7 × 10³⁸ combinations.

Entropy measures unpredictability in bits: entropy = length × log₂(charset_size). A password with 80 bits of entropy means an attacker must try 2⁸⁰ ≈ 1.2 quadrillion billion combinations on average. NIST recommends 80+ bits for critical systems. This tool calculates and displays your password's entropy in real time.

Absolutely — it's one of the best security upgrades you can make. Password managers like Bitwarden (free, open-source), 1Password, or Dashlane store unique strong passwords for every site, so you only need to remember one master password. Generate your passwords here, then save them in your manager.

Strength is based on entropy bits: Weak (<40 bits) — crackable in seconds to hours with modern hardware. Medium (40–59 bits) — may take days to years. Strong (60–79 bits) — centuries at current speeds. Very Strong (80+ bits) — computationally infeasible with foreseeable technology.

In many fonts, the characters O (uppercase O), 0 (zero), l (lowercase L), 1 (one), and I (uppercase i) look nearly identical. Excluding them makes passwords easier to transcribe manually — useful when you need to type a password from paper or a phone screen into a desktop. The trade-off is a very slight reduction in entropy, which is negligible at lengths above 12.