Password Generator โ Passwords & Passphrases with Entropy Score
Create cryptographically secure passwords (up to 128 characters) or memorable passphrases in your browser. Customize character sets, exclude ambiguous characters, set word count and separators, and generate up to 20 at once. Every password is scored with Shannon entropy in bits so you see exactly how strong it is.
Options
Generated Passwords
Cryptographically Secure
Uses the Web Crypto API (crypto.getRandomValues) for true randomness.
Instant & Offline
Everything runs locally in your browser. No passwords are ever sent to a server.
Fully Customizable
Adjust length, character sets, exclusions, and generate passwords or passphrases.
Included Password Tools
Random Password Generator
Up to 128 characters with uppercase, lowercase, digits, symbols, custom exclusions, and ambiguous-character filtering.
Passphrase Generator
Word-based passphrases with 3โ12 words and a choice of separator: dash, dot, underscore, space, or none.
Entropy & Strength Meter
Shannon entropy shown in bits with a 5-tier rating: Very Weak, Weak, Fair, Strong, Very Strong.
Bulk Password Generation
Generate and copy up to 20 passwords or passphrases at once with a single Regenerate click.
How to Generate a Strong Password
Choose Password or Passphrase
Select the Password tab for character-based passwords or Passphrase for memorable word-based passwords.
Customize settings
Adjust length (4โ128 chars), toggle character sets, exclude ambiguous characters, or set a word count and separator for passphrases.
Generate
Click Regenerate to create a fresh list. Use the count slider to generate up to 20 at once.
Copy & use
Copy individual passwords or all at once. The entropy meter shows the strength in bits so you know exactly how secure each one is.
Frequently Asked Questions
- Is this password generator truly random?
- Yes. ToolMint uses the Web Crypto API (crypto.getRandomValues) โ a cryptographically secure pseudo-random number generator (CSPRNG) built into browsers. It does not use Math.random().
- What is password entropy and why does it matter?
- Entropy (measured in bits) represents how unpredictable a password is. Higher entropy means more combinations an attacker must try. 60+ bits is generally considered strong; 100+ bits is very strong.
- What is a passphrase and why use one?
- A passphrase is a sequence of random words (e.g. river-table-flame-book) that is both memorable and highly secure. Four or more random words can reach 50+ bits of entropy while being easier to type and recall than a random character string.
- What does 'exclude ambiguous characters' do?
- It removes characters that look similar in many fonts โ 0, O, I, l, 1, and others โ reducing the chance of transcription errors when typing a password manually.
- Are generated passwords sent to a server?
- No. All randomness is generated client-side using the Web Crypto API. No password ever leaves your browser.