Word-based passwords (passphrases) are easier to remember than strings of random characters and can be just as secure. This tool generates random word combinations using your browser's crypto API. All processing runs in your browser.
Words joined with hyphens. Easier to type and remember than random characters.
The tool uses crypto.getRandomValues(), the browser's built-in cryptographically secure random number generator, to select characters or words. No library is required and our servers are not involved. The password is generated entirely inside your browser tab.
All generation runs locally in your browser. The password exists only in your browser until you copy it. You can prove this yourselfin your browser's DevTools Network tab.
For hashing the generated secret for storage, try the hash generator. To create random opaque identifiers instead, use the UUID generator. For encoding generated tokens for transport, see Base64.
Yes. A four-word passphrase from a 256-word list has about 32 bits of entropy, roughly equivalent to a random 6-character password. Using five or six words brings it to 40–48 bits, which is strong for most purposes.
All processing runs in your browser using crypto.getRandomValues(). Our servers are not involved at any point.
Passphrases are better for passwords you must type from memory, like a computer login, disk encryption key, or password manager master password, because they are easier to recall and type accurately.
Yes. Switch to the "Characters" mode at the top of the tool to generate a conventional random password instead.