Random Password Generator
This free password generator creates strong, random passwords entirely in your browser. Choose a length from 4 to 64 characters, pick which character types to include, and optionally exclude ambiguous characters like 0/O or 1/l/I. A real-time strength indicator shows how strong your current settings produce, and you can copy the result with one click.
How to Use It
- Adjust the length slider (4–64 characters — longer is stronger).
- Toggle which character types to include: uppercase, lowercase, numbers, and symbols.
- Optionally exclude ambiguous characters (0/O, 1/l/I) if you'll need to type the password manually.
- Click "Generate New Password" for a fresh one, or copy the current one with the Copy button.
How It Works
Every password is generated using your browser's Web Crypto API (crypto.getRandomValues()) — the same cryptographically secure random number source used for security-sensitive operations, never the predictable Math.random(). Each character is chosen using rejection sampling to avoid the subtle statistical bias that a naive random-index calculation can introduce, so every allowed character is equally likely to appear.
The strength indicator estimates entropy — the number of bits of randomness in the password, based on its length and the size of the character set you've selected. More length and more character types both increase entropy, but length has a bigger effect: each extra character multiplies the total number of possible passwords, while an extra character type only adds a fixed, smaller multiplier.
Everything happens on your device. No password this tool generates is ever sent over the network, logged, or stored anywhere.
Frequently Asked Questions
What makes a password strong?
A strong password is long and unpredictable — generated randomly rather than based on words, names, or patterns you'd recognize. Strength is really about how many possible passwords an attacker would have to try before guessing yours (its entropy), not about memorizing something clever.
Why does length matter more than complexity?
Each additional character multiplies the number of possible passwords, while adding a new character type (like symbols) only multiplies it by a small, fixed amount. A longer password made of just letters and numbers is often far stronger than a short one stuffed with symbols. When in doubt, make it longer.
Is this password generator actually secure?
Yes. It uses your browser's cryptographically secure random number generator (crypto.getRandomValues), never the weaker Math.random(), and every password is generated entirely on your device. Nothing you generate here is sent to a server, logged, or stored.
Should I exclude ambiguous characters like 0/O or 1/l/I?
Only if you're going to type or read the password somewhere those characters are hard to tell apart, like on paper or a low-resolution screen. It slightly reduces the character pool, so leave it off for maximum strength if you'll be copying and pasting the password instead of typing it.