🔐 Security Tool

Password Generator

Generate strong, random passwords instantly. Customise length and character types to meet any security requirement.

🔐 Generate a Secure Password

Adjust the settings below and click Generate. Your password is created locally — never sent to any server.

Click Generate to create a password

Password Strength—

Length 16

Uppercase (A–Z) Lowercase (a–z) Numbers (0–9) Symbols (!@#$…) Exclude Ambiguous (0,O,l,1)

Why You Need a Strong Password

In an era of frequent data breaches and increasingly sophisticated cyberattacks, your passwords are your first line of defence. A weak password can be cracked in seconds using brute-force attacks or dictionary methods. Our Password Generator creates cryptographically random passwords that are virtually impossible to guess or crack.

What Makes a Password Strong?

Password strength comes from two factors: length and complexity. Length is actually more important than complexity — a 20-character password of random lowercase letters is harder to crack than a 10-character password with symbols. The combination of both is ideal. Security experts now recommend passwords of at least 16 characters for important accounts.

Password Security Best Practices

Never reuse passwords: If one site is breached, all your accounts using that password become vulnerable.
Use a password manager: Tools like Bitwarden, 1Password, or LastPass store and auto-fill passwords so you only need to remember one master password.
Enable two-factor authentication: A strong password plus 2FA provides robust protection even if your password is compromised.
Don’t use personal information: Names, birthdays, and common words are among the first things attackers try.
Change compromised passwords immediately: Use services like HaveIBeenPwned to check if your email has been in a data breach.

How This Generator Works

This tool uses the browser’s built-in cryptographic random number generator (window.crypto) to generate passwords. This is the same type of randomness used in security applications and is far more secure than standard Math.random(). Your password is never transmitted to any server — everything happens in your browser.

Frequently Asked Questions

How long should my password be?

For general accounts, 16 characters is the recommended minimum. For high-value accounts (banking, email, work systems), use 20+ characters. The longer the better — length is the most significant factor in password strength.

Is it safe to use an online password generator?

This generator creates passwords entirely in your browser using cryptographic randomness. Nothing is sent to any server. You can verify this by disconnecting from the internet — it still works. The password is only as vulnerable as your clipboard and screen.

Should I include symbols in my password?

Symbols increase the character set size, making brute-force attacks harder. However, some systems don’t accept certain symbols. If a site restricts symbols, use a longer all-alphanumeric password to compensate.

What are ambiguous characters?

Characters like 0 (zero), O (uppercase o), l (lowercase L), and 1 (one) look similar in many fonts. Excluding them reduces confusion when typing passwords manually, at the cost of a slightly smaller character set.

How often should I change my passwords?

Current security guidance (NIST) suggests you don’t need to change passwords on a schedule unless there’s a reason to believe they’ve been compromised. Focus instead on using strong, unique passwords for every account.