Password Generator
Generate secure passwords and random passphrases. 100% in the browser, no servers, no sign-up.
How to use the password generator?
- 1
Choose the generation mode
Select between Password mode (for passwords with random characters) or Passphrase mode (for passphrase strings made up of words). Passphrases are easier to remember and, with enough words, can be just as secure as a complex password.
- 2
Adjust the options
In password mode, configure the length (8-64 characters) and character types: uppercase, lowercase, digits and symbols. Enable the exclude ambiguous option to avoid visually confusing characters such as 0, O, 1, l and I. In passphrase mode, choose the number of words and the separator.
- 3
Generate and customise
Choose how many passwords to generate with the counter (1-10) and press the button. Each password appears with an editable name (e.g. 'Gmail', 'Bank'). You can copy, regenerate or delete any one individually. The strength indicator shows the entropy in bits and the estimated time to crack it.
- 4
Download or copy
Copy any password with one click (the icon turns into a green check for 2 seconds). To save all of them, use the download button: a .txt file is generated with the names and passwords. Store it in a password manager and delete the .txt afterwards. Passwords disappear on page reload for privacy.
Frequently asked questions
How are passwords generated? Are they truly secure?
Yes. This generator uses crypto.getRandomValues(), the browser's cryptographic randomness API, the same one used in professional-grade cryptography. No password is sent to any server: all generation happens on your device. The algorithm also guarantees that at least one character from each selected type is included, using a Fisher-Yates shuffle for a perfectly uniform distribution.
What is entropy in bits and what is it for?
Bit entropy measures the degree of randomness of a password. It is calculated as length × log₂(charset size). The higher the entropy, the longer it takes an attacker to guess it by brute force. For example, 60 bits = ~1.1 × 10¹⁸ possible combinations. The estimated crack time assumes 10 billion attempts per second (modern GPU).
What is the difference between a password and a passphrase?
A classic password is a short string of random characters (e.g. Ks9#mRt2). A passphrase is a sequence of common words separated by a symbol (e.g. fast-cold-wave-note-ring). Passphrases are easier to remember and type, but can offer similar entropy if enough words are used. With 5 words from a list of 480, you get ~44 bits of entropy.
Are passwords saved? Is there a history?
No. This tool has no history of any kind. Passwords exist only in browser memory while the page is open. On reload or tab close, they disappear completely. No data leaves your device.
What should I do with the downloaded .txt file?
The .txt file is only to facilitate the initial transfer. The most advisable thing is to import the passwords into a password manager such as Bitwarden, 1Password or KeePass, and delete the .txt immediately afterwards. Never store passwords in plain text permanently on your device.
Embed the generator on your site
Embed this password generator in any web page with a simple iframe:
<iframe
src="https://miguelacm.es/embed/password-generator"
width="100%"
height="700"
frameborder="0"
title="Password Generator"
></iframe>Built by
Miguel Ángel Colorado
Built by
Miguel Ángel Colorado
Full-Stack Developer · CTO @ Securiyu
I build 100% client-side web tools — no sign-up, no servers, no cost.