Are the passwords truly random?

Yes. The generator uses crypto.getRandomValues(), the same cryptographically secure source used by password managers and TLS libraries. Output is not predictable from prior passwords.

Is my password sent anywhere?

No. Generation happens entirely in your browser. The password never reaches a server, network request, or log file. You can verify this by watching the Network tab in DevTools.

How long should my password be?

For most accounts, 16–20 characters with all character types provides over 100 bits of entropy — sufficient against current brute-force attacks. For high-value accounts (banking, email), prefer 24+ characters.

What does "exclude similar characters" mean?

It removes visually ambiguous characters: 0 and O, 1 and I and l. This makes passwords easier to transcribe manually without reducing security significantly.

Should I store the generated password in a password manager?

Yes, always. A password manager lets you use a unique, long, random password for every account without memorising any of them. Generate here, paste into your manager.

Can I generate multiple passwords at once?

The tool generates one password per click. For batch UUID generation, see the UUID Batch Generator. For batch random strings, see the Random String Generator.

What is the strength meter based on?

Strength is calculated from entropy: log2(charset_size ^ length). Weak is below 40 bits, Fair 40–60, Strong 60–80, Very Strong above 80 bits.

Why use this instead of my password manager's built-in generator?

Both are fine. This tool is useful when you need a quick password without opening your manager, or when you want to verify the character distribution visually.

Generators /

Password generator

Generate cryptographically random passwords with custom length and character sets. Copy once, paste into your password manager.

100% in your browser. Passwords are never sent anywhere.

Length: 16 8 – 128

Character types

Uppercase (A–Z) Lowercase (a–z) Digits (0–9) Symbols (!@#…)

Exclude similar (0 O 1 I l)

Generated password

—

How to use

Set the desired password length using the slider. 16+ is recommended for most accounts.
Check the character types to include. Using all four types maximises entropy.
Enable Exclude similar characters if you need to type the password manually.
Click Generate password to create a new random password.
Click Copy, then paste directly into your password manager or account settings.

Common use cases

Account registration — generate a unique 20-character password for every new account.
API keys and secrets — use a long symbol-free password as a random secret token.
Wi-Fi passwords — generate a 12-character alphanumeric password easy to share on a sign.
Database credentials — pair with the Random String Generator for token generation.

Also see: Passphrase Generator for memorable multi-word passwords, and UUID Batch Generator for unique IDs.

常见问题

Are the passwords truly random?: Yes. The generator uses crypto.getRandomValues(), the same cryptographically secure source used by password managers and TLS libraries. Output is not predictable from prior passwords.
Is my password sent anywhere?: No. Generation happens entirely in your browser. The password never reaches a server, network request, or log file. You can verify this by watching the Network tab in DevTools.
How long should my password be?: For most accounts, 16–20 characters with all character types provides over 100 bits of entropy — sufficient against current brute-force attacks. For high-value accounts (banking, email), prefer 24+ characters.
What does "exclude similar characters" mean?: It removes visually ambiguous characters: 0 and O, 1 and I and l. This makes passwords easier to transcribe manually without reducing security significantly.
Should I store the generated password in a password manager?: Yes, always. A password manager lets you use a unique, long, random password for every account without memorising any of them. Generate here, paste into your manager.
Can I generate multiple passwords at once?: The tool generates one password per click. For batch UUID generation, see the UUID Batch Generator. For batch random strings, see the Random String Generator.
What is the strength meter based on?: Strength is calculated from entropy: log2(charset_size ^ length). Weak is below 40 bits, Fair 40–60, Strong 60–80, Very Strong above 80 bits.
Why use this instead of my password manager's built-in generator?: Both are fine. This tool is useful when you need a quick password without opening your manager, or when you want to verify the character distribution visually.

反馈这个工具的问题