What makes a password strong?

A strong password is long (12+ characters), random (not based on personal info), and unique (never reused). It should combine uppercase, lowercase, digits, and symbols.

What password length is recommended?

At least 12 characters for online accounts, 16+ for sensitive accounts. For passphrases, 4+ words provide excellent security.

What is the difference between a random password and a passphrase?

A random password uses individual characters (e.g., k7#Qm9!xR2pL). A passphrase combines random words (e.g., Correct-Horse-Battery). Passphrases are easier to remember while maintaining high entropy.

Is my password stored on your servers?

No. The password is generated server-side and returned over HTTPS, but it is never stored or logged. Only the request parameters are recorded for analytics.

What is password entropy?

Entropy measures the unpredictability of a password in bits. Higher entropy means harder to crack. A 60-bit password has over 1 quintillion possible combinations.

How often should I change my passwords?

Modern security guidance (NIST SP 800-63B) recommends changing passwords only when compromised, not on a fixed schedule. Use unique passwords and enable 2FA.

Are the generated passwords truly random?

Yes. We use Go's crypto/rand package, which is a CSPRNG seeded by operating system entropy sources.

Are passphrases as secure as random passwords?

Yes, when using enough words. A 4-word passphrase from a 7776-word list has about 52 bits of entropy (with digits: about 69 bits). Both are strong for most purposes.

Password Generator - Strong Random Passwords & Passphrases

Why use a password generator?

Weak or reused passwords remain the leading cause of account breaches. A password generator removes human bias and creates truly random credentials.

Three key benefits:

True randomness : no patterns, dictionary words, or personal information
Configurable strength : adjust length, character types, and complexity to match requirements
Instant generation : create a new password in milliseconds

Random vs. Memorable: when to use each

Random mode produces maximum-entropy passwords like k7#Qm9!xR2pL$wN4. Use these for:

Website and app accounts stored in a password manager
API keys and service credentials
Any context where you won't need to type the password manually

Memorable mode generates passphrases like Sloppily8-Rosy3-Unlocking8-Angelic4. Use these for:

Master passwords (the one password you memorize)
Device unlock codes you type frequently
Shared passwords you need to communicate verbally

Understanding password entropy

Entropy measures unpredictability in bits. More bits = more combinations = harder to crack.

Entropy	Strength	Time to crack (10¹² guesses/sec)
< 28 bits	Very Weak	Seconds
28-35 bits	Weak	Minutes to hours
36-59 bits	Fair	Days to years
60-127 bits	Strong	Thousands to billions of years
≥ 128 bits	Very Strong	Beyond any foreseeable technology

A 16-character random password from 95 printable ASCII characters has about 105 bits of entropy, firmly in the "Strong" category.

Password Generator

Create strong passwords and memorable passphrases

Random passwords

Memorable passphrases

Strength indicator

Server-side generation

Advanced customization

Why use a password generator?

Random vs. Memorable: when to use each

Understanding password entropy