Password Generator
Generate strong, random passwords instantly. Runs in your browser using the Web Crypto API — nothing is sent to any server.
Need more developer tools?
Check out the full OGPix toolkit — OG image generator, Base64 encoder, UUID generator, and more. All free.
Browse All Tools →Why Use a Password Generator?
Humans are terrible at creating truly random passwords. We tend to use patterns, dictionary words, and predictable substitutions that attackers can guess. A cryptographic password generator eliminates this bias by using the Web Crypto API's crypto.getRandomValues() to produce genuinely random characters, making brute-force attacks exponentially harder.
Understanding Password Entropy
Entropy measures the unpredictability of a password in bits. It is calculated as log2(charset_size) × length. A password with 80+ bits of entropy is considered very strong. Increasing password length or the character set size both increase entropy, but length has a more significant impact.
Is This Tool Secure?
Yes. All password generation happens entirely in your browser using the Web Crypto API. No passwords are ever transmitted over the network, stored, or logged. You can verify this by disconnecting from the internet and using the tool offline.
Frequently Asked Questions
Is my password stored anywhere?
No. Passwords are generated locally in your browser using the Web Crypto API. Nothing is sent to any server or stored in any database.
What does "Exclude Ambiguous" mean?
Ambiguous characters are those that look similar in many fonts: the number 0 and letter O, lowercase l and number 1, and uppercase I. Excluding them makes passwords easier to read and type manually.
How long should my password be?
For most purposes, 16 characters with mixed character types provides excellent security (about 100 bits of entropy). For high-security applications, 20-32 characters is recommended.