Utility Tools

Password Generator

Generate strong, random passwords instantly — uses Web Crypto API, nothing sent to servers

Password Length — 16 characters

Number of passwords — 5

Character Types Uppercase (A–Z) Lowercase (a–z) Numbers (0–9) Symbols (!@#$%)

Strength: Strong

Generated Passwords

eW!eAu&LCxa%p^ii

Q=0cJyPY?V*AJ;.6

$$?q&!40:3AJXOm6

-Ylh-]TcX1(u!>4{

S5ag:=rJAV*&E5Jg

🔒 Generated using Web Crypto API — cryptographically secure, never stored or transmitted

How password length affects crack time

6 chars< 1 second

Trivially crackable by any modern GPU. Never use 6-character passwords for anything.

8 chars~8 hours

Common minimum requirement but dangerously short. Most brute-force attacks crack 8-character passwords within a day.

12 chars~1,500 years

The sweet spot for most accounts. Balances security and memorability. Recommended by NIST for general use.

16+ charsMillions of years

Effectively uncrackable by brute force. Use for banking, primary email, and password manager master passwords.

Crack times assume mixed characters (upper, lower, digits, symbols) at 10 billion guesses/second.

Generated in your browser, never transmitted

Every password is created using the Web Crypto API (window.crypto.getRandomValues), which taps into your operating system's cryptographic random number generator. No password is ever sent to any server, logged, or stored. The source code runs entirely client-side — you can verify by checking the browser's Network tab during generation.

Key Terms

Web Crypto API

A browser-native API that generates cryptographically secure random numbers — used here to ensure passwords are truly unpredictable.

Entropy

A measure of password randomness in bits. Higher entropy means harder to crack. A 12-character mixed password has roughly 79 bits of entropy.

Brute Force

An attack that tries every possible character combination. At 10 billion guesses per second, a 12-character mixed password takes over 1,500 years to crack.