Password Generator
Generate strong, random passwords in your browser.
Use on any page (bookmarklet)
Want Password Generator without leaving the page you're on? Drag the button below to your bookmarks bar, then click it on any website to open Password Generator right there — it runs entirely in your browser.
Use responsibly: a bookmarklet runs on whatever page you click it on. Avoid sensitive sites such as online banking, payment, or healthcare pages — you run it at your own risk. Everything is processed locally and no data is sent anywhere. See our Terms.
- Show your bookmarks bar if it's hidden — Ctrl+Shift+B (⌘+Shift+B on Mac).
- Drag the button above onto the bookmarks bar.
- Open any website and click the bookmark — the Password Generator panel appears in the top-right corner. Use ✛ to move it between corners, or ›/‹ to tuck it against the edge and pull it back out.
- Click the bookmark again (or the ✕) to close it.
Note: a few sites with strict security policies may block bookmarklets.
Examples
16 chars · letters + numbers
Output
vT7kP2mQ9xL4bN8r
20 chars · all character types
Output
9x#Lp2$Qm7!vB4&kZ8nR
About this tool
This free online password generator creates strong, random passwords right in your browser. Choose a length and which character types to include, and a new password is generated instantly — cryptographically random via the Web Crypto API, with no upload, so nothing ever leaves your device.
How to use
- Set the length (4-256 characters).
- Toggle lowercase, uppercase, numbers, and symbols.
- Click Generate for a new password, then Copy.
- Check the strength meter and aim for Strong or better.
How it stays secure
Passwords are generated with the browser's Web Crypto API (crypto.getRandomValues), not the predictable Math.random. It uses rejection sampling so every character is uniformly random with no bias toward any part of the character set. Nothing is generated on or sent to a server — the password exists only in your browser, so it's safe to use for real accounts.
Choosing your settings
- Length is king. Every extra character multiplies the possibilities — aim for 16+. Length beats complexity.
- Include as many character types as the site allows; each one enlarges the pool.
- If a site rejects symbols, don't fight it — turn them off and add a few more characters instead.
- For machine-to-machine secrets (API keys, tokens), a random string generator or a UUID may fit better.
Good password habits
A strong password only helps if you use a unique one per site — that way a single breach can't unlock the rest. Store them in a password manager rather than memorizing, and turn on two-factor authentication wherever you can. For the full picture, read our guide to creating and managing strong passwords.
Frequently asked questions
Is this password generator free?
Yes — it's a completely free online password generator with no sign-up and no limits.
Are the passwords sent to a server?
No. Passwords are generated in your browser using the Web Crypto API with no upload, so they never leave your device. It's a secure, no-upload random password generator.
Are these passwords cryptographically secure?
Yes. They use the browser's crypto.getRandomValues with rejection sampling, which avoids the bias of naive random methods, so every character is uniformly random.
What makes a strong password?
Length matters most — aim for at least 12-16 characters — combined with a mix of lowercase, uppercase, numbers, and symbols. The strength meter reflects both.
Can I choose which character types to include?
Yes. Toggle lowercase, uppercase, numbers, and symbols on or off, and set any length from 4 to 256 characters.
Should I use symbols?
Symbols increase strength, but some sites reject certain characters. If a site complains, turn symbols off and use a longer password instead.
Should I reuse passwords?
No. Use a unique password for every account and store them in a password manager. This tool helps you create a fresh one each time.
Learn more
Related tools