Password Generator

How Password Generation Works

A strong password is your first line of defense against unauthorized access. This generator creates cryptographically random passwords using the Web Crypto API (crypto.getRandomValues), which provides true randomness from your operating system's entropy source. Unlike Math.random(), these values are suitable for security-sensitive applications.

Password strength depends on two factors: length and character pool size. Each additional character multiplies the number of possible combinations. A 12-character password using uppercase, lowercase, numbers, and symbols (95 possible characters) has 95^12 combinations, approximately 5.4 x 10^23. At one trillion guesses per second, brute-forcing this would take over 17,000 years.

The exclude ambiguous characters option removes visually similar characters like 0 and O, 1 and l and I. This is helpful when passwords need to be communicated verbally or typed manually. The strength meter evaluates your password based on length, character diversity, and entropy. For maximum security, use passwords of 16 or more characters with all character types enabled, and never reuse passwords across accounts. Consider using a password manager to store your generated passwords securely.