Password Generator
Crypto-strong passwords — entropy shown, never stored
Password Generator is a free, browser-based tool that lets you crypto-strong passwords — entropy shown, never stored — with zero signup, zero installation. Your data never leaves your browser. Part of 116+ free developer and business tools at wowhow.cloud, built and maintained by a team with 14+ years of hands-on development experience.
Select at least one character type
About Password Generator
Cryptographically secure password generation draws randomness from the operating system's entropy pool — the same source used for TLS key generation — rather than a predictable pseudo-random algorithm. The Web Crypto API's getRandomValues() function is the browser equivalent of /dev/urandom on Linux, ensuring each character selection is statistically independent and unpredictable even to the generating machine.
How It Works
The generator builds a character pool from the selected character sets: lowercase letters (26), uppercase letters (26), digits (10), and symbols (32 printable ASCII characters). The pool size determines the per-character entropy: log2(pool_size) bits per character.
To select each character, crypto.getRandomValues() fills a Uint32Array with cryptographically random 32-bit integers. Each integer is taken modulo the pool size to pick a character. If the result would introduce modular bias (because 2^32 is not evenly divisible by the pool size), that value is discarded and a fresh random value is used — this is called rejection sampling and ensures a perfectly uniform distribution.
The strength meter calculates total entropy as length × log2(pool_size) and maps that to a crack-time estimate based on bcrypt hashing rates (modern GPUs can test ~10 billion bcrypt hashes per second).
Who Is This For
A sysadmin creating 24-character random passwords for 15 service accounts before rolling out a new internal application, without needing a locally installed tool.
A developer generating a 32-character alphanumeric API secret key to use as an environment variable in a Node.js application.
A small business owner setting up a new employee's email account and needing a strong temporary password to hand over securely.
A security consultant demonstrating password entropy concepts to a client by showing how adding symbols to a 12-character password jumps from 71 to 78 bits of entropy.
Scope note: The generator cannot guarantee the output meets specific password policy requirements (e.g., "must contain at least 2 symbols") in the first attempt — regenerate until the policy is satisfied. Passwords are not stored between page loads; save them to a password manager immediately.
How to Use
Set your desired password length (8-128 characters)
Toggle character types — uppercase, lowercase, numbers, symbols
View the strength meter and entropy bits for security assessment
Click "Generate" for a new password or "Copy" to clipboard
Frequently Asked Questions
More Free Tools
View allNeed production-ready templates?
Browse premium developer tools, starter kits, and templates — starting at $49. Pay once, use forever.
Browse Products