Generated safely in your browser
This generator uses your browser's cryptographically secure random source (the Web Crypto API), the same class of randomness recommended for security purposes. Nothing is sent to a server — the password is built locally and never leaves your device, so it's safe to use for real accounts.
What makes a strong password
Length matters more than anything: each extra character multiplies the number of possible combinations. Mixing uppercase, lowercase, numbers and symbols widens the pool further. A 16-character password drawing on all four types is extremely hard to brute-force. Aim for at least 12–16 characters, and longer for anything important.
Using passwords well
Use a different password for every account so one breach can't unlock the rest, and store them in a password manager rather than reusing or writing them down insecurely. Where available, turn on two-factor authentication for an extra layer beyond the password itself.
Frequently asked questions
Are these passwords stored anywhere?
No. They're generated entirely in your browser and never transmitted or saved by this site. Once you leave the page, the password is gone unless you've copied it somewhere.
How long should my password be?
At least 12 characters for everyday accounts and 16 or more for email, banking and password managers. Longer is always stronger.