Password Generator
Generate strong random passwords. Configurable length, character classes, and bulk count. Cryptographically secure.
About Password Generator
This generator produces random passwords using the browser's cryptographically secure random number generator (crypto.getRandomValues). You choose the length and which character classes to include — uppercase, lowercase, digits, and symbols. The 'exclude similar' option skips visually confusable characters (1, l, I, 0, O) for password readability.
When to use it
- Creating a new account password
- Generating temporary passwords for users
- Producing API keys, tokens, or shared secrets
- Filling testing fixtures with random credentials
How it works
A character pool is built from the selected classes. For each output position, crypto.getRandomValues produces a random index into the pool — without modulo bias, since the index is rejected and re-sampled if it would fall outside the largest multiple of the pool size within the random value's range.
Examples
Length=16, all classes, exclude similar
K9z#mvR$j8XbqPc!
Frequently asked questions
- Is the randomness cryptographically secure?
- Yes. crypto.getRandomValues is the browser's CSPRNG, suitable for password and key generation. Math.random is not used.
- What length should I choose?
- 16 characters with all four classes is roughly 100 bits of entropy — well beyond what any current adversary can brute force. For high-value accounts, 20+ is even better.
- Why exclude similar characters?
- When users will manually type or read a password, distinguishing 1/l/I and 0/O is annoying. Disabling them costs a tiny bit of entropy but improves usability significantly.