Customizations

Number of passwords

Password Length

Uppercase

Lowercase

Numbers

Symbols

Avoid Similar

password list

Your privacy is protected. Passwords and passphrases are generated entirely in your browser. We never store, transmit, or have access to your passwords or passphrases.

What actually makes a password strong?

You've probably heard "use a strong password" a million times. But what does that really mean? It's not about replacing letters with numbers (p4ssw0rd isn't fooling anyone) or adding an exclamation mark at the end.

A strong password comes down to one thing: unpredictability. The harder it is for software to guess, the better. Here's what matters:

Length beats complexity. A 16-character password using just lowercase letters is harder to crack than an 8-character password with symbols. Every extra character multiplies the possibilities exponentially.
Randomness is key. "Sunshine123!" feels random to you, but it's one of the most common passwords out there. True randomness means no words, no patterns, no personal info.
Uniqueness per account. Your strongest password becomes worthless if you use it everywhere. One breach exposes all your accounts.

That's why tools like this exist — humans are terrible at being random. We think in patterns. Computers don't.

Passwords vs. passphrases: which should you use?

Short answer: it depends on where you're using it.

Use a random password when:

You're storing it in a password manager (you won't need to remember it)
The site has a short character limit
You want maximum security per character

Use a passphrase when:

You need to type it frequently (like your computer login)
You can't use a password manager in that context
You want something memorable but still secure

A 4-word passphrase like crane-hotel-pizza-swift has roughly the same security as a random 8-character password — but you can actually remember it. Bump it to 5 or 6 words for sensitive accounts.

The catch? Passphrases only work if the words are truly random. Don't pick words yourself — you'll unconsciously choose common combinations. Let the generator do it.

How to actually store your passwords

Creating strong passwords is half the battle. Storing them safely is the other half.

Good options:

Password manager apps — 1Password, Bitwarden, Dashlane, or your browser's built-in manager. They encrypt everything and sync across devices.
Encrypted notes — If you're privacy-conscious, apps like Standard Notes or encrypted vaults work well.
Paper (yes, really) — A notebook in a secure location beats a sticky note on your monitor. Physical security is underrated.

Bad options:

Plain text files on your computer
Email drafts
That notes app syncing to who-knows-where
Reusing the same password because you can't remember more

Most people resist password managers because they seem complicated. They're not. Spend 20 minutes setting one up and you'll wonder why you waited so long.

Password mistakes you're probably making

No judgment — almost everyone does these:

Using personal info. Your dog's name, birthday, anniversary, street name — all easy to find on social media. Hackers check these first.
Pattern typing. Sequences like "qwerty" or "123456" or keyboard patterns like "zxcvbn" are in every cracking dictionary.
The +1 trick. When forced to change your password, adding a number at the end (Password1, Password2...) is predictable.
Security questions with real answers. Your mother's maiden name is public record. Use fake answers and store them like passwords.
Skipping two-factor authentication. Even a perfect password can be phished. 2FA is your backup plan.

Quick answers

How long should my password be?

12 characters minimum for important accounts. 16+ if the site allows it. For passphrases, 4 words minimum, 5-6 for anything financial or sensitive.

Are these passwords truly random?

Yes. This tool uses your browser's cryptographic random number generator — the same one used for secure web connections. Nothing is predictable, nothing is stored.

Should I include symbols?

If you can, yes. But don't sacrifice length for complexity. A 20-character password without symbols beats a 10-character password with them.

How often should I change passwords?

Only when there's a reason to — like a breach announcement or suspicious activity. Forced regular changes often lead to weaker passwords (see: the +1 trick above).

What's the "Avoid Similar" option?

It removes characters that look alike: 0 and O, 1 and l and I. Useful when you might need to read the password aloud or type it from a printout.

Password creator.

Simplified. Free.