Skip to content
DevUtil

Password Generator - Generate Secure Random Passwords

20
4128

Characters

5
StrengthVery strong (130 bits)

About the Password Generator

Strong passwords are the first line of defence for any account or system. This generator creates cryptographically secure random passwords using your browser's built-in Web Crypto API. You can configure the length, choose which character sets to include, and generate multiple passwords at once.

How to Use

Adjust the length slider, toggle the character sets you want (uppercase, lowercase, numbers, symbols), set how many passwords to generate, and click Generate. Each password has a copy button for quick clipboard access. The strength meter shows the estimated entropy in bits.

Use Cases

  • Account passwords. Generate strong, unique passwords for online accounts and store them in a password manager.
  • API keys and secrets. Create long random strings for API keys, webhook secrets, and encryption keys.
  • Database passwords. Generate strong passwords for database users, service accounts, and admin credentials.
  • Testing. Quickly generate random strings for test data, placeholder values, and development environments.

Related Tools

Epoch / Unix Timestamp Converter

Convert between Unix epoch timestamps and human-readable dates.

Regex Tester

Test regular expressions against text with match highlighting.

UUID Generator

Generate random v4 UUIDs for use in databases and APIs.

Colour Converter

Convert colours between HEX, RGB, and HSL formats.

Frequently Asked Questions

How are the passwords generated?
Passwords are generated using the Web Crypto API (crypto.getRandomValues), which provides cryptographically secure random numbers. This is the same source of randomness used by browsers for TLS connections and other security-critical operations. No passwords are sent to any server.
What does the entropy (bits) number mean?
Entropy measures how unpredictable a password is. It is calculated as the password length multiplied by log2 of the character pool size. A 20-character password using uppercase, lowercase, numbers, and symbols has about 130 bits of entropy. 80 bits is considered strong for most purposes. 128 bits or more is very strong.
What is a good password length?
For general-purpose passwords, 16 to 20 characters with a mix of uppercase, lowercase, numbers, and symbols provides strong security. For high-value accounts (email, banking, password managers), 20 characters or more is recommended. For API keys and secrets that are never typed by hand, 32 to 64 characters is common.
Is my generated password stored anywhere?
No. Passwords are generated entirely in your browser using the Web Crypto API. Nothing is sent to any server. The passwords exist only in your browser's memory and are discarded when you close the page or generate new ones.