Memorable password generator
Word-based passwords (passphrases) are easier to remember than strings of random characters and can be just as secure. This tool generates random word combinations using your browser's crypto API. All processing runs in your browser.
Words joined with hyphens. Easier to type and remember than random characters.
Bulk generation
How it works
The tool uses crypto.getRandomValues(), the browser's built-in cryptographically secure random number generator, to select characters or words. No library is required and our servers are not involved. The password is generated entirely inside your browser tab.
Processing runs in your browser
All generation runs locally in your browser. The password exists only in your browser until you copy it. You can prove this yourselfin your browser's DevTools Network tab.
Related operations
For hashing the generated secret for storage, try the hash generator. To create random opaque identifiers instead, use the UUID generator. For encoding generated tokens for transport, see Base64.
Frequently asked questions
Are word-based passwords actually secure?
Yes. A four-word passphrase from a 256-word list has about 32 bits of entropy, roughly equivalent to a random 6-character password. Using five or six words brings it to 40–48 bits, which is strong for most purposes.
Is the password sent to a server?
All processing runs in your browser using crypto.getRandomValues(). Our servers are not involved at any point.
When is a passphrase better than random characters?
Passphrases are better for passwords you must type from memory, like a computer login, disk encryption key, or password manager master password, because they are easier to recall and type accurately.
Can I still use random characters from this tool?
Yes. Switch to the "Characters" mode at the top of the tool to generate a conventional random password instead.