Set password length from 4 to 128 characters. 16+ is recommended for secure accounts.
Include A–Z uppercase letters for added complexity and most password policy requirements.
Include a–z lowercase letters. Combined with uppercase, these increase the character pool significantly.
Include digits 0–9. Almost all password policies require at least one number.
Include special characters like !@#$%^&*()_+-=[]{}. Dramatically increases strength.
Remove characters like 0/O, 1/l/I that look similar and cause transcription errors.
Generate 5, 10, or 20 passwords at once. Useful for creating passwords for multiple accounts or users.
Generate a memorable passphrase of random words (e.g. "correct-horse-battery-staple") that is both secure and easier to remember.
| Strength | Length | Character Types | Time to Crack |
|---|---|---|---|
| Weak | 6–8 chars | Letters only | Minutes to hours |
| Fair | 8–10 chars | Letters + numbers | Days to weeks |
| Strong | 12–14 chars | Upper + lower + numbers + symbols | Years to decades |
| Very Strong | 16+ chars | All character types | Centuries or longer |
Check the character types you want: Uppercase, Lowercase, Numbers, Symbols. Enable "Exclude Ambiguous Characters" if you need to type the password manually and want to avoid look-alike characters.
Drag the length slider or enter a number. Use at least 12 characters for regular accounts, 16+ for email and banking, and 20+ for master passwords and admin accounts.
Click the Generate button. A new random password appears instantly. The strength meter shows how secure it is. Click Regenerate as many times as you like to get different options.
Click Copy to copy the password to your clipboard. Immediately save it in a password manager (like Bitwarden, 1Password, or Dashlane) — never store passwords in plain text or browser autofill alone.
Generate a unique strong password every time you create a new online account.
Generate a fresh strong password when you need to reset a compromised account.
Create a strong router password that's hard to guess but can be shared via QR code.
Generate secure credentials for servers, databases, and service accounts.
Generate temporary passwords for new team members or shared service logins.
Generate random strings for use as encryption keys, API secrets, or tokens.
You only need to remember ONE master password. Let a password manager (Bitwarden is free and open-source) remember all your unique generated passwords — the strongest security habit you can build.
If one website is breached, a reused password puts ALL your other accounts at risk. Use a unique password for every account — the generator makes this effortless.
"correct-horse-battery-staple" has more entropy than "P@ssw0rd!" despite looking simpler. A 4-word passphrase is both easier to remember and significantly harder to brute-force.
Even a strong password can be phished. Enable two-factor authentication (2FA) on every account that supports it — especially email, banking, and social media accounts.