Password Generator

Generate strong, random passwords in your browser. No account or upload needed.

password security generator
Free Client-Side Private
Character sets
🔒 This tool runs entirely in your browser — your files are never uploaded to any server.

Password Generator creates strong, random passwords directly in your browser. It uses the Web Crypto API so that every password is produced by a cryptographically secure source of randomness — not a predictable algorithm. Nothing is stored, logged, or transmitted. The tool works entirely offline once the page has loaded.

Tool interface

All settings are visible without any file upload step:

  • A length slider ranging from 4 to 128 characters
  • Four character set checkboxes: 'Uppercase A–Z', 'Lowercase a–z', 'Numbers 0–9', and 'Symbols'
  • A count selector to generate 1, 5, or 10 passwords at once
  • A 'Copy' button next to each individual password
  • A 'Copy All' button that appears when multiple passwords are displayed

Tool description

Passwords are generated using crypto.getRandomValues() — the browser's built-in cryptographic random number generator. This is different from Math.random(), which is designed for simulations and produces predictable sequences that are not suitable for security-sensitive purposes.

You control the character pool by enabling or disabling four sets:

  • 'Uppercase A–Z' — 26 characters
  • 'Lowercase a–z' — 26 characters
  • 'Numbers 0–9' — 10 characters
  • 'Symbols' (!@#$%^&*()-_=+[]{};:,.?) — 24 characters

The larger the character pool and the longer the password, the more combinations an attacker would need to try. A 16-character password drawn from all four sets has far more possible values than any practical brute-force attempt could cover.

Some practical use cases:

  • Creating a new login password for a website or service
  • Generating a temporary password to hand to a new user
  • Producing multiple candidates to pick from before deciding
  • Setting a strong passphrase for an encrypted archive or vault

How to use

  1. Set the 'Length' slider to the number of characters you need.
  2. Enable or disable character sets with the checkboxes.
  3. Choose how many passwords to generate — 1, 5, or 10.
  4. Click 'Generate'. The passwords appear immediately below.
  5. Click 'Copy' next to any password to send it to your clipboard.

Tip: For most online accounts, 16 characters with all four sets enabled is a strong and practical choice. If a site rejects symbols, uncheck 'Symbols' and regenerate.

FAQ

Is crypto.getRandomValues() truly secure?

Yes. It is the Web Crypto API's source of cryptographic randomness, suitable for generating keys, tokens, and passwords. It is not the same as Math.random(), which is explicitly documented as unsuitable for security use.

Are the generated passwords stored anywhere?

No. The tool has no server component. Nothing is written to a database, cookie, or local storage. Once you navigate away, the passwords are gone.

What does the 'Symbols' set include?

The following characters: !@#$%^&*()-_=+[]{};:,.? — a selection commonly accepted by most websites and services, avoiding characters that cause problems in some systems.

What length should I use?

16 characters is a solid baseline for most login passwords. For high-value accounts — email, banking, or a password manager master password — 24 characters or more is a meaningful step up.

Can I generate passwords without an internet connection?

Yes. Once the page has loaded, the generator runs entirely in your browser. No network requests are made during generation.

Report an issue