Password Generator
Strong, random, and never leaves your browser.
Choose options below
Advanced · cryptographic keys
About this password generator
This tool creates cryptographically strong random passwords using your browser's Web Crypto API (crypto.getRandomValues). Nothing is sent to a server — generation happens entirely on your device.
How long should my password be?
Length is the single biggest factor in password strength. With mixed character sets, 16 characters gives roughly 100 bits of entropy, which is generally considered safe against offline brute-force. For master passwords or password-vault keys, prefer 24+ characters.
What does "Avoid look-alikes" do?
It removes ambiguous characters that look similar across fonts: i I 1 L l o 0 O. Useful when passwords need to be read aloud or transcribed.
What does "Avoid sequences" do?
It re-rolls passwords that contain runs like 123, abc, or XYZ. These reduce real-world entropy because attackers' wordlists weight them heavily.
What is the AES-256 key for?
The "AES-256 key" option produces a 32-byte (256-bit) random key as a hex string, suitable for AES-GCM encryption. The "IV" option produces a 16-byte (128-bit) initialization vector. Both are generated via the Web Crypto API.
Is this generator safe to use?
Yes — provided your device isn't compromised. The Web Crypto API uses your operating system's cryptographically secure random source. We don't transmit, log, or store generated values.