Strong, random passwords generated locally. Never sent anywhere.
click generate
How can you trust a password generator that runs on someone else's server? You can't really know it isn't logging what it creates. This one is different: it generates everything locally in your browser using the Web Crypto API (crypto.getRandomValues) — a cryptographically secure random source. Nothing is transmitted, logged, or stored. You can even turn off your internet and it still works.
Uses your device's cryptographic RNG — not the weak Math.random() many tools rely on.
See real entropy in bits and an estimated time-to-crack as you adjust settings.
Generate XKCD-style word passphrases that are strong yet easy to type.
Need many at once? Generate 5 or 10 in one click, each copyable.
No. Generation happens entirely in your browser. The password never leaves your device.
It uses crypto.getRandomValues, the browser's cryptographically secure generator, with rejection sampling to avoid bias.
Yes — a 4-word random passphrase has strong entropy and is far easier to remember and type than a random symbol string.
16–24 characters for random passwords, or 4–6 words for passphrases, covers virtually all needs.