01 / GENERATE

Password Generator

Randomness from crypto.getRandomValues, unbiased by rejection sampling, generated on your machine. Every enabled character set is guaranteed to appear at least once.

20
Character sets

How this generator works

Characters are drawn with crypto.getRandomValues, the browser's cryptographically secure random source — not Math.random(), which is predictable and unfit for secrets. Rejection sampling removes modulo bias, and a Fisher–Yates shuffle makes sure the guaranteed characters don't sit in predictable positions.

The strength meter shows Shannon entropy: pool size to the power of length, expressed in bits. Aim for 70 bits or more for anything that matters; above 100 bits, offline cracking is not a realistic threat.