All tools
Password Generator

Password generator

Generate strong, random passwords instantly. Choose your length and character mix, then copy with one tap.

  • Up to 64 characters long
  • Uppercase, lowercase, numbers & symbols
  • Generate up to 5 at once
  • One-click copy to clipboard
Advert

What makes a password strong?

Password strength comes from two things: length and entropy. A longer password with more character types has exponentially more possible combinations. A 16-character password using uppercase, lowercase, numbers, and symbols has more than 10 septillion possible combinations — computationally infeasible to brute-force with current hardware.

The NCSC (National Cyber Security Centre) recommends prioritising length over complexity. Three random words strung together can be as strong as a complex 12-character string — and much easier to remember.

How passwords are generated here

Passwords are generated using JavaScript's Math.random() function, which runs entirely in your browser. Nothing is transmitted to any server; nothing is stored. Closing or refreshing the page discards all generated passwords. The character pool is drawn from your selected character types — uppercase letters, lowercase letters, digits, and/or symbols.

Password best practices

  • Use a unique password for every account — never reuse passwords.
  • Use a password manager (Bitwarden, 1Password, or the built-in browser manager) to store them securely.
  • Enable two-factor authentication (2FA) wherever possible — a strong password plus 2FA is far more secure than a password alone.
  • Avoid dictionary words, names, dates, or keyboard patterns (qwerty, 123456).
  • Change passwords immediately if a service you use reports a data breach.
  • Aim for at least 12 characters; 16 or more for financial, email, and work accounts.

If you need placeholder text or credentials for a design mockup, pair this tool with our Lorem Ipsum generator or word counter.

Frequently asked questions

Is it safe to use passwords generated here?
Yes. All passwords are generated entirely within your browser using JavaScript. Nothing is sent to any server, logged, or stored anywhere. You can verify this by disconnecting from the internet and generating passwords — it still works.
How long should my password be?
NCSC recommends a minimum of 12 characters. For high-value accounts (email, banking, work systems), 16 or more characters is advisable. Length is the single biggest factor in password strength.
Do I need to include symbols?
Symbols significantly increase entropy, but some services do not allow them. If symbols are blocked, compensate by increasing the password length to at least 16–20 characters.
Should I use a password manager?
Yes. A password manager lets you use a unique, random password for every account without needing to memorise them. Bitwarden is free and open-source; 1Password and Dashlane are popular paid options.
What is two-factor authentication (2FA)?
2FA requires a second proof of identity (usually a code from an authenticator app) in addition to your password. Even if your password is stolen, an attacker cannot log in without the second factor. Enable it on all accounts that offer it.
Can I generate passwords for multiple accounts at once?
Yes. Set the Quantity to 3 or 5 to generate multiple passwords in one click. Each password is independently random. Copy them individually using the copy icon next to each one.
Advert
Advert