Password Generator

A minimum of 12 characters is recommended for most accounts. For high-value accounts (banking, email), use 16-20 characters or more. Longer passwords are exponentially harder to crack.

A strong password is long, uses a mix of uppercase and lowercase letters, numbers, and symbols, and does not contain dictionary words, names, or predictable patterns.

Yes. Password managers let you use a unique, strong password for every account without having to memorize them. They also protect against phishing by auto-filling credentials only on the correct site.

This generator runs entirely in your browser using JavaScript's Math.random(). For cryptographically secure passwords for very sensitive use cases, consider using a dedicated tool like a password manager's built-in generator.

2FA adds a second verification step (like a code from an app or SMS) beyond your password. Even if someone steals your password, they cannot log in without the second factor.

Current security guidance (NIST) suggests only changing passwords when there is reason to believe they have been compromised, rather than on a fixed schedule. Using unique passwords per site is more important.