A workflow for sharing a one-off password with a colleague sitting next to you: generate something strong, encode it as a QR code on screen, and let the recipient scan it with their phone. Nothing is ever typed into chat, copied into email, or written down. Both tools run in your browser.
Open the password generator in a new tab. Set the length to 20 characters or longer and tick the boxes for lowercase, uppercase, digits, and symbols.
Generate the password. If you want something a little more typeable for any later manual entry, untick a few of the harder-to-read symbol characters and regenerate.
Click the copy button next to the generated string. The password now sits on your clipboard for the next step.
Open the QR code generator in another tab and paste the password into the text input. A QR code should appear immediately.
Increase the QR code size if needed so it fills a good portion of the screen. A larger code scans faster and tolerates camera shake.
Have your recipient point their phone camera at the screen. Their camera app should pop up a preview of the decoded text. They can paste it straight into the destination app or password manager.
Close both browser tabs once the handoff is confirmed. Clear your clipboard by copying something else (for example, a single space) to overwrite the password.
Expected output and how to verify
The recipient's phone should display the exact same password the generator produced. To verify, have them read out the first and last four characters and check them against the generator window. If they match, paste the password into the destination service and confirm login. Once that works, close both tabs and clear the clipboard.
Common pitfalls
Leaving the QR code on screen after the handoff means anyone walking past can scan it. Close the tab as soon as the recipient has the password.
Very long passwords produce dense QR codes that are harder to scan in low light. 20 to 32 characters is a comfortable sweet spot.
If the recipient's camera struggles, increase screen brightness and the QR size, and ask them to hold the phone about 20 centimetres away.
Variations
For a wifi password handoff, prefix the password with the standard wifi QR format so the recipient's phone offers to join the network directly. For shared service credentials, generate two passwords, hand off the second one immediately and rotate the first a week later so any historical exposure is short-lived.
Frequently asked questions
Is the password recoverable later?
Only if you save it. The generator does not store anything between sessions. Once you close the tab, the password is gone unless you have written it down, stored it in a password manager, or shared it with the recipient.
How long should the password be?
Twenty characters with mixed case, digits, and symbols gives strong protection against guessing and brute-force attacks. For service accounts or master passwords, push that closer to 32.
Why use a QR code instead of typing or messaging?
A QR code shown on screen and scanned by a phone keeps the password off chat logs, email backups, and clipboard history. The handoff happens once, in person, and leaves no trail.
What if the recipient is remote?
Use an end-to-end encrypted messenger and send the password as a disappearing message. The QR-code method works best for in-person handoffs.