Strong Password Generator

Cryptographically secure · Breach check · 100% in your browser — nothing sent to any server.



How it works

Every step runs locally in your browser. No password ever leaves your device.

1. Cryptographic generation: uses crypto.getRandomValues(), the browser's CSPRNG (the same one it uses for TLS). Each character is selected by unbiased uniform sampling; rejection sampling eliminates modulo bias. Passphrases draw from the curated 7,776-word EFF wordlist.
2. Strength scoring: zxcvbn.js (Dropbox) models real attacker strategies: dictionary attacks, keyboard walks (qwerty, 123456), l33t substitutions and repeated sequences. It returns a score of 0–4 and an estimated crack time for an offline attack against a slow hash.
3. Entropy estimate: theoretical entropy = length × log₂(pool size). A 20-character password drawn from all four character classes (88-character pool) gives ~129 bits. A 4-word passphrase from a 7,776-word list gives ~51 bits, still excellent for most uses.
4. k-Anonymity breach check: SubtleCrypto computes the SHA-1 of your password in the browser. Only the first 5 hex characters of that hash are sent to HIBP; the returned list of matching hash suffixes is compared against the full hash locally, so your password cannot be reconstructed from the 5-character prefix alone.

Frequently asked questions

No. Generation and strength scoring run entirely on your device. When you click "Check Breach", only the first 5 hex characters of your password's SHA-1 hash are sent to the Have I Been Pwned range endpoint; this is the k-Anonymity model. Those 20 bits of a 160-bit hash are mathematically insufficient to reconstruct your password, and the HIBP API is designed so even its operators cannot determine what you checked.
Both are excellent when generated correctly. A random 20-character password from all four character classes (88-character pool: A–Z, a–z, 0–9, symbols) gives ~129 bits of entropy, effectively uncrackable with any foreseeable hardware. A 4-word passphrase from a 7,776-word list gives ~51 bits, and 5 words give ~64 bits. Passphrases are easier to type and remember (useful for master passwords or SSH key passphrases), while random passwords are shorter for a given entropy level. For high-value accounts (password manager, banking, email) use ≥24 random characters or ≥6 passphrase words.
NIST SP 800-63B and CISA recommend at least 15–16 characters for human-created passwords. For machine-generated passwords like the ones this tool produces, 20 characters drawn from all four character classes (88-character pool) yield ~129 bits of entropy, sufficient against any foreseeable brute-force attack. For very high-value accounts (banking, email, password manager master password) use 24+ characters.
A hit in Have I Been Pwned means that exact password string appeared in at least one publicly leaked credential database. It does not necessarily mean your account was breached, but it does mean attackers have that password in their wordlists and will try it in credential-stuffing attacks. Generate and use a new password immediately. Even one occurrence is enough reason to discard it.
Some older web applications restrict special characters (for example because their input handling mishandles characters that need escaping in SQL or in legacy LDAP filters). If a site rejects your generated password, uncheck "Symbols" and increase the length to compensate: a 28-character alphanumeric password (62-character pool) still gives ~167 bits of entropy, more than enough. Alternatively, use Passphrase mode, which avoids special characters entirely.
When checked, the tool removes characters that look similar in many fonts: 0 (zero) vs O (letter O), and 1 (one) vs l (lowercase L) vs I (uppercase i). This is useful when you need to read a password out loud or type it into a device where you can't paste. It slightly reduces entropy per character (the pool shrinks from 88 to 83), so increase the length by 1–2 characters to compensate.