Password Generator

Generate secure passwords with custom patterns and character rules. Everything runs in your browser.

Pattern

Use * for random characters. Other characters are kept as-is.

Length Presets

Character Types

Uppercase (A-Z) Lowercase (a-z) Digits (0-9) Symbols (!@#$%...)

Exclude Presets

Custom Exclusions

Tips

Length Matters Most

A longer password is exponentially harder to crack. Each additional character multiplies the number of possible combinations.

Avoid Predictable Patterns

Never use dictionary words, names, dates, or keyboard patterns like "qwerty". Randomness is the key to a strong password.

Some Characters Cause Problems

Characters like backtick, backslash, and dollar sign can break shell scripts. Semicolons and quotes can cause issues in SQL or config files.

Use a Unique Password for Each Account

If one password is compromised, unique passwords prevent attackers from accessing your other accounts.

Common Use Cases

🖥️

Server & SSH Access

Generate strong passwords for root accounts and SSH keys, excluding shell-problematic characters.

🌐

Web Accounts

Create unique passwords for each online service to prevent credential-stuffing attacks.

📶

Wi-Fi Passwords

Generate easy-to-share Wi-Fi passwords by excluding ambiguous characters that are hard to read aloud.

🔑

API Keys & Tokens

Produce URL-safe tokens by excluding characters that need encoding in URLs.

🗄️

Database Credentials

Generate passwords without SQL-special characters to avoid escaping issues in connection strings.

📱

App & Device PINs

Use the pattern feature to create numeric or short codes like PINs and device unlock codes.

Frequently Asked Questions

Is this password generator secure?

Yes. All passwords are generated entirely in your browser using the Web Crypto API (crypto.getRandomValues), which provides cryptographically secure random numbers. Nothing is sent to any server.

What is the pattern feature?

The pattern field lets you mix fixed characters with wildcards (*). For example, "***-***-***" generates a password like "k9F-m2x-R7p" where each * is replaced by a random character from your selected character set.

How long should my password be?

For general web accounts, 12-16 characters is recommended. For high-security applications like server access or encryption keys, use 20 or more characters.

Why exclude certain characters?

Some characters cause technical issues in specific contexts. For example, backticks and dollar signs are interpreted by shell scripts, while quotes and semicolons can break SQL queries or configuration files.

What does the strength meter measure?

The strength meter calculates entropy (in bits) based on your character pool size and the number of random characters. Higher entropy means more possible combinations and a stronger password.

Can I use this offline?

Once the page is loaded, yes. Since all processing happens in JavaScript within your browser, no internet connection is needed to generate passwords.