Generate strong, random passwords and passphrases — runs entirely in your browser using crypto.getRandomValues().
%S^#jKjO]#kV,.Y#F_C2
crypto.getRandomValues() — uses your OS's cryptographic random number generator. Nothing is sent to a server.
Entropy guide: 40 bits = weak, 60 = fair, 80+ = strong, 128+ = excellent for most uses.
Passphrases are easier to remember and type. A 5-word passphrase has ~33 bits per word (~165 bits total).
Passwords created by humans tend to follow predictable patterns that attackers exploit with dictionary and rule-based attacks. Cryptographically random passwords generated with crypto.getRandomValues() have no such patterns, making brute-force the only viable attack vector.
A random 16-character password and a four-word passphrase can offer comparable entropy, but passphrases are far easier to type and remember. Use passwords for accounts protected by a password manager, and passphrases when you need to type them by hand.
Every password is generated locally using your operating system's cryptographic random number generator. Nothing is transmitted over the network — you can verify this by checking the Network tab in your browser's developer tools.