Strong password generator

Passwords are generated with a cryptographic RNG directly in your browser — nothing is transmitted and nobody else sees them. Set the length and characters, copy, done.

Skips y/z (swapped on QWERTZ vs. QWERTY), easily confused characters, and symbols that are hard to type on international keyboards.

Generated in your browser — never transmitted anywhere.

What makes a password strong in 2026

Length beats complexity: a 20-character password of letters and digits is orders of magnitude stronger than an 8-character “special character” mix. Use 16+ characters for regular accounts, 20+ for e-mail and your password manager. And above all: one unique password per account.

A password is only half the defense

Even a strong password leaks when a breached service spills it. The other half: two-factor authentication everywhere, a password manager instead of memory — and for your own website, a shield in front of the server. See our WEDOS Protection review.

Frequently asked questions

Can you see the passwords I generate?

No. Generation uses crypto.getRandomValues directly in your browser — the password never leaves your device and we store nothing.

Are word-based passphrases secure?

Yes, with enough words — strength grows with every word. Five words plus a number matches a solid regular password; pick seven or more for critical accounts. The advantage: you can remember Mill-Anchor-42-Lake-Train, but not X9$kv!2p.

What does "keyboard-layout safe" do?

It skips characters that differ or get confused across keyboards: y/z (swapped on QWERTZ layouts), capital I versus lowercase l, and symbols that need AltGr hunting on German and other European keyboards. You can then type the password painlessly on a foreign computer, hotel kiosk or in a BIOS.

How long should my password be?

At least 16 characters for regular accounts; 20+ for e-mail, banking and your password manager. Longer with fewer character types beats short-but-complex.

What do the entropy bits mean?

How many possibilities an attacker must try. Every bit doubles the count; 75+ bits is solid today, 100+ is practically uncrackable by brute force.

Where should I store passwords?

In a password manager (Bitwarden, KeePass, 1Password…). Sticky notes and phone memos are not storage.