The difference between a password that gets cracked in minutes and one that outlives the sun is almost entirely a question of entropy. Tools that generate passwords from Math.random() give you the appearance of randomness, not the real thing. This generator uses crypto.getRandomValues(), which draws from the operating system's CSPRNG -- the same source your browser uses for TLS session keys.
The most important fact about passwords: length beats complexity.
A 20-character all-lowercase password (afrog-jumped-moon-tacos-today) carries ~94 bits of entropy. A 10-character "complex" password (P@ssw0rd!) carries ~65 bits despite ticking every complexity checkbox. Each extra character multiplies the brute-force search space by the alphabet size (N). Adding a new symbol type only raises N slightly. Length is linear; complexity is logarithmic. Prefer the former.
To put entropy in concrete terms:
| Strength | Entropy | Crack time at 10 billion guesses/sec |
|---|---|---|
| Weak | under 40 bits | minutes to hours |
| Moderate | 40-60 bits | days to months |
| Strong | 60-80 bits | years to decades |
| Very Strong | 80-128 bits | centuries and beyond |
Aim for 60+ bits minimum, 80+ bits for anything you actually care about.
The Diceware option trades raw entropy for human memorability. The EFF wordlist contains 7,776 words; each word contributes ~12.9 bits of entropy:
- 4 words (~52 bits) -- memorable moderate security. Good for a master password.
- 5 words (~64 bits) -- solid for most purposes. You can type it.
- 6 words (~77 bits) -- strong security, still reasonably memorable.
- 8 words (~103 bits) -- very strong; more suitable for a passphrase you store in a password manager and copy-paste.
correct-horse-battery-staple-pencil is the famous example. Do not google for phrases; roll the dice (or let crypto.getRandomValues() pick the indices).
Things that trip up password storage (this is adjacent to generation, but it is where projects go wrong):
- Use a password manager (Bitwarden, 1Password, KeePass). Let it generate and store 20+ unique random passwords. No human needs to memorize 50 unique strong passwords manually.
- Every account gets its own password. Credential-stuffing attacks (try a leaked email+password combo on 200 other sites) succeed because people reuse. One breach should not cascade into 40 compromises.
- Enable TOTP/FIDO2 2FA everywhere it is offered. A strong password plus a second strong factor is the actual security recipe. SMS 2FA is better than nothing; FIDO2 (passkeys) is better than SMS.
- Do not use personal information (names, birthdays, team names, pet names). These collapse the effective entropy dramatically when an attacker knows you.
- Avoid "complexity rules" from sysadmins that cap length and ban certain symbols. NIST SP 800-63B now explicitly advises against composition rules that humans satisfy by picking
Spring2024!. Length and blocklists of common passwords work better.
The "exclude ambiguous characters" toggle (skip 0/O, 1/l/I) matters if you are going to type the password by hand -- reading a WiFi password off a sticker is easier with those gone. For passwords you paste from a password manager, leave them in; they add real entropy.
All computation happens in-browser and is never transmitted. Disconnect from the internet first if you want belt-and-suspenders paranoia.