How to Generate Secure Passwords and Keep Them Safe

With data breaches happening almost daily, the importance of strong, unique passwords cannot be overstated. If you are using "Password123!" or the name of your pet across multiple accounts, your digital life is at risk.

What Makes a Password Secure?

A secure password comes down to two main factors: length and randomness (entropy).

While a password like Tr0ub4dor&3 includes numbers and symbols, it is relatively short and uses common dictionary words. A password like correct horse battery staple is much longer and harder for a computer to brute-force, even though it lacks symbols.

The absolute best password is one that is completely random and sufficiently long, such as: K9#mP2$vLq8*zW5@c. However, human brains are terrible at coming up with truly random strings.

The Danger of Online Generators

If you google "Password Generator," many sites will offer to create one for you. The problem is that many of these sites generate the password on their backend server and send it over the internet to your browser. This means the server knows the password it just generated for you. If that server is compromised, or logging traffic, your new password is already leaked.

Use a Local Browser Generator

To ensure maximum security, passwords should be generated locally on your machine using cryptographically secure randomness APIs provided by your browser.

Our Password Generator uses the window.crypto.getRandomValues() API. It creates mathematically secure passwords entirely within your browser's memory. No network requests are made, meaning the password simply does not exist anywhere else in the world until you save it to your password manager.