Select your password length and which character types to include (uppercase, lowercase, numbers, symbols). The calculator builds a pool from your selections, then picks random characters one at a time using Math.random(). Everything happens in your browser—nothing is sent to any server. The strength meter computes a simple score based on length (the strongest factor) and the number of character types, then displays entropy in bits to show the mathematical security level.
Math.random() is suitable for everyday passwords on regular accounts. For high-security applications (cryptocurrency wallets, master passwords), use a dedicated password manager or hardware solution that uses cryptographic randomness.
16+ characters is strong. 12 characters is fair. Aim for at least 50 bits of entropy (shown in the math). Length beats complexity—a 20-character password with just lowercase is stronger than a 10-character mix.
Use what the site requires. If optional, mixing uppercase, numbers, and symbols adds safety against targeted guessing. But a long password with just lowercase is safer than a short password with every type.
Both work well. Passphrases (like "correct-horse-battery-staple") are easier to remember and equally strong if long enough. This generator suits sites that don't allow spaces or special punctuation.
Yes, absolutely. Password managers store generated passwords securely and auto-fill them. This generator is for quick, temporary passwords or learning how randomness works.
Estimate only. Results reflect your inputs and standard formulas. Double-check important decisions independently.