Password Generator

Generate password randomly.


Characters used
Length

Password

Tips

  • The longer the password, the more secure it is. A minimum of 12 characters is generally recommended.
  • Combining uppercase letters, lowercase letters, digits, and symbols greatly increases resistance to brute-force attacks.
  • Store generated passwords in a password manager (1Password, Bitwarden, etc.).
  • Reusing the same password across multiple services puts all your accounts at risk if one is breached.
  • NIST recommends prioritizing "not reusing strong passwords" over "mandatory periodic password changes".

FAQ

No, passwords are generated entirely in your browser and are never transmitted to or stored on any server.

Yes, you can select just one character type. However, using multiple character types is strongly recommended for better security.

NIST guidelines recommend a minimum of 8 characters, but 12–16 characters or more is the practical recommendation. A 12-character random password with mixed character types would take tens of thousands of years to crack with today's computers.
ツールくん

Side Note — The Most-Hacked Passwords in the World

Every year, "most-used password" rankings show that 123456, "password", and "111111" dominate the top spots. The most common password found in the 2009 RockYou data breach (approximately 32 million accounts) was also "123456".

With modern high-performance GPUs (e.g., NVIDIA RTX 4090), an 8-character alphanumeric password can be cracked in minutes to hours. By contrast, a 12-character or longer random password mixing letters and symbols would take tens of thousands of years even with today's computers.

In 2017, NIST removed "mandatory periodic password changes" from its recommendations and revised its guidelines to prioritize not reusing strong passwords. The old rule of changing passwords every three months had paradoxically led people to choose weak passwords like "Summer2024!".