Random Password Generator
Generate strong, cryptographically secure passwords — customizable length and charset
How to Use the Random Password Generator
- Set length and select character sets.
- Click Generate for a cryptographically secure password.
Uses crypto.getRandomValues(). Shows password entropy in bits for strength estimation.
What is a Secure Password Generator?
A cryptographically secure password generator uses the browser's Web Crypto API (crypto.getRandomValues) to generate truly random passwords. Unlike Math.random() which is pseudorandom and predictable, Web Crypto produces randomness suitable for security-sensitive applications.
Common Uses
- Generating strong passwords for new accounts
- Creating API keys and service account passwords
- Generating temporary passwords for user onboarding
- Creating passphrases for encrypted archives or vaults
Frequently Asked Questions
How long should a secure password be?
NIST guidelines recommend at least 12 characters, with 16+ being better. Length matters more than complexity — a 20-character random lowercase string is stronger than an 8-character mixed-case string with symbols.
Is it safe to generate passwords in a browser?
CipherKit uses the Web Crypto API (crypto.getRandomValues) which provides cryptographically strong randomness and runs entirely in your browser. No generated password is ever transmitted or stored.
What characters should a strong password include?
A combination of uppercase letters, lowercase letters, numbers, and symbols maximises the character space. For a 16-character password with 94 possible characters, there are 94¹⁶ ≈ 3.7×10³¹ possible combinations.