Password Generator
Generate strong, secure random passwords with customizable options.
About This Tool
Password Generator creates strong, random passwords with customizable length and character sets — including uppercase, lowercase, digits, and special symbols. It calculates password entropy in real time so you can gauge the strength of each generated password. Essential for anyone who needs secure credentials for accounts, APIs, or database access.
How It Works
This tool uses the Web Crypto API's `crypto.getRandomValues()` to generate cryptographically secure random numbers, which are far superior to `Math.random()` for security purposes. The algorithm builds a character pool based on your selections (uppercase A-Z, lowercase a-z, digits 0-9, special symbols), then picks characters uniformly at random from that pool for each position in the password.
Password strength is measured in bits of entropy, calculated as: entropy = length x log2(pool size). For example, a 16-character password drawn from a pool of 94 characters (all printable ASCII) yields approximately 104.8 bits of entropy. NIST guidelines recommend a minimum of 80 bits for high-security applications. The tool also checks against common patterns — sequential characters, repeated characters, and dictionary words — to ensure the generated password resists both brute-force and dictionary attacks.
Related Articles
Your 8-Character Password Can Be Cracked in 39 Minutes: Password Math for 2026
How long each password length actually takes to crack in 2026 hardware, why passphrases beat symbol-heavy passwords, and how password managers shift the real problem.
2026-03-18Why Korean Offices Still Pick Who Buys Coffee with a Ladder Game — The Ghost Leg Guide
The ladder game (Ghost Leg, amidakuji) is mathematically fair, visually dramatic, and better than a coin flip when you have 3+ options. Here's why it works.
2026-03-23Why Your Image Isn't Rendering in Email: Understanding Base64 Encoding for 2026
Base64 is the invisible layer that makes email attachments, inline images, and JWT tokens work — and the reason your btoa() call crashes on emoji. This guide explains how it works, when to use it, and the exact mistakes that will waste your afternoon.