handyman
Hazuu Tools

Random Password Generator

Generate strong, secure random passwords with customizable length and character types.

Quick Presets:
Length: 0|Strength: Very Strong|Crack Time: Centuries+
Recommended: 12+16
4128
info

About Random Password Generator

The Random Password Generator creates cryptographically secure login credentials for websites, apps, and services. It draws from up to four character sets — digits (0-9), lowercase letters (a-z), uppercase letters (A-Z), and symbols (!@#$%^&*...) — and uses the browser Web Crypto API (crypto.getRandomValues) to pick each character. The result is a password with genuine entropy that cannot be predicted even if an attacker knows the tool you used.

Four quick presets cover the most common needs: Basic (8 chars, letters and numbers) for low-stakes accounts; Strong (16 chars, all character types) for email or banking logins; Ultra (32 chars, all types, similar characters excluded) for master passwords and password managers; and PIN (4 digits) for numeric-only entry points. You can also drag the length slider anywhere from 4 to 128 characters and toggle individual character types to match a specific site's password rules. The tool instantly recalculates the password's entropy in bits, maps it to a Weak/Medium/Strong/Very Strong label, and estimates crack time assuming 10 billion guesses per second — giving you a real measure of how long the credential would hold against a dedicated attack.

Every calculation and every generated password stays on your device. Nothing is transmitted, logged, or stored on a server. You do not need to create an account, install anything, or pay. Once the page has loaded, the generator works entirely offline — the same strong password you see is the one only you have.

star

Key Features

check_circle

Cryptographic randomness via Web Crypto API

Each character is selected using crypto.getRandomValues, which draws from the operating system's entropy pool rather than a predictable pseudo-random algorithm.

check_circle

Live entropy and crack-time display

As you change length or character types the tool recalculates entropy in bits and shows estimated crack time at 10 billion guesses per second, so you can see the real security impact of each choice.

check_circle

Four one-click presets

Basic, Strong, Ultra, and PIN presets apply tested length and character-type combinations in a single click, covering the most common account scenarios without manual configuration.

check_circle

Exclude Similar Characters option

Toggling this removes visually ambiguous characters — 0, O, o, l, I, 1 — so the password can be transcribed by hand or read aloud without misreading a character.

check_circle

Length slider from 4 to 128 characters

A range input lets you fine-tune length to match a site's specific maximum or minimum requirement, from a 4-digit PIN to a 128-character master passphrase.

check_circle

Instant copy to clipboard

One button copies the generated password directly to your clipboard. The button confirms the copy with a checkmark for two seconds so you know the transfer succeeded.

help

How to Use

01

Set Your Preferences

Choose a quick preset or customize the password length and character types using the slider and checkboxes.

02

Generate Password

Click "Generate" or adjust any setting to instantly create a new cryptographically secure password.

03

Copy & Use

Click the copy button to save your password to the clipboard and use it wherever you need a strong password.

code_blocks

Example

The Strong preset (16 chars, all character types enabled) produces a password with roughly 105 bits of entropy — estimated crack time over a trillion years at 10 billion guesses per second.

Settings
Preset: Strong
Length: 16
Numbers: on
Lowercase: on
Uppercase: on
Symbols: on
Exclude Similar: off
Generated password
g7!Kx#mQ2eRv@Lp9

Strength: Very Strong
Entropy: ~105 bits
Crack time: Centuries+
lightbulb

Common Use Cases

  • arrow_circle_right

    Creating new account passwords

    Whenever you sign up for a website or app, generate a unique password with the Strong or Ultra preset instead of reusing an existing one. Each account gets its own unguessable credential, so a breach on one site cannot compromise the others.

  • arrow_circle_right

    Replacing weak or reused passwords

    If a data-breach alert tells you a password was exposed, generate a fresh one here in seconds. The strength meter confirms the replacement is genuinely stronger before you commit to the change.

  • arrow_circle_right

    Generating a master password for a password manager

    Password managers protect everything behind one credential. The Ultra preset — 32 characters with all types and similar characters excluded — produces a passphrase strong enough for that role while remaining readable enough to type from memory if needed.

  • arrow_circle_right

    Creating passwords that must be typed by hand

    Some devices (routers, smart TVs, kiosks) do not support paste. The "Exclude Similar Characters" option removes easily confused glyphs so you can transcribe the password from screen to keyboard without error.

  • arrow_circle_right

    Setting numeric PINs for devices and accounts

    The PIN preset produces a 4-digit numeric code for phone lock screens, bank cards, or any system that only accepts digits — using the same cryptographic randomness as the full password presets.

quiz

Frequently Asked Questions

What is a Random Password Generator? expand_more
A Random Password Generator is a tool that creates strong, unpredictable passwords using cryptographic randomness. It combines letters, numbers, and symbols in random sequences that are virtually impossible for attackers to guess or crack through brute force.
Are the generated passwords secure? expand_more
Yes. The generator uses the Web Crypto API (crypto.getRandomValues) which draws from the operating system entropy pool. All password generation happens locally in your browser — no passwords are ever sent to or stored on any server.
How long should my password be? expand_more
A minimum of 12 characters is the standard recommendation for general accounts. A 16-character password with all character types enabled reaches roughly 105 bits of entropy, which would take centuries to crack at 10 billion guesses per second. For a master password or password-manager vault, 24 or more characters adds a comfortable margin.
What does "Exclude Similar Characters" do? expand_more
This option removes characters that look alike in many fonts: 0 (zero) and O (capital O), o (lowercase o), l (lowercase L), I (capital i), and 1 (one). Use it when you need to transcribe the password by hand or read it aloud, so a visual misread cannot lock you out of your account.
What are the four presets and when should I use each one? expand_more
Basic (8 chars, letters and numbers) suits low-sensitivity accounts like newsletter sign-ups. Strong (16 chars, all types) is appropriate for email, banking, and social logins. Ultra (32 chars, all types, similar chars excluded) is designed for master passwords or vault keys. PIN (4 digits) is for numeric-only entry points such as phone lock screens or ATM codes.
How is this different from the Random String Generator? expand_more
The Random String Generator is designed for developer use cases — test data, placeholder IDs, and temporary keys — and does not show strength metrics. The Password Generator is optimized for human login credentials: it shows entropy, crack-time estimates, a strength bar, and presets matched to real account security needs. Use this tool when you need a password for an account; use the Random String Generator when you need arbitrary character sequences for code.
How is this different from the Token Generator? expand_more
The Token Generator produces multiple output formats (hex, UUID v4, API keys, Nano IDs, random strings) in bulk, targeting developers who need tokens for authentication systems or databases. The Password Generator focuses on a single human-usable credential at a time, with character-set controls and strength feedback designed for end-user account security rather than programmatic token minting.
Can I use this tool offline? expand_more
Yes. Once the page has loaded, the generator works entirely in your browser with no network requests. You can switch off Wi-Fi and continue generating passwords — the Web Crypto API and all logic run locally.