v1.0.0: Initial release. Random-character and diceware-style passphrase modes, real entropy and crack-time math, batch generation, clipboard auto-clear, and a one-click handoff to build a WiFi QR code from a generated password.
Generate strong passwords or memorable passphrases, with the actual math behind the strength shown, not a made-up strength bar.
Nothing you generate here is ever sent anywhere. This page needs no outside library to work, so its security policy is the strictest on this whole site: nothing loads from anywhere except this page itself. Every character comes from your browser's own cryptographic random number generator, the same kind used for encryption keys, never from a server, and there is no way for this page to phone home even if it wanted to.
How this actually works
Random passwords are built by picking characters one at a time from the character types you choose, using your browser's crypto.getRandomValues, the cryptographically secure randomness also used for encryption keys, never the weaker Math.random. Passphrases work the same way, but pick whole words from a large public wordlist (based on the EFF's diceware wordlist) instead of characters, which is why a handful of random words can be both stronger and easier to type than a short jumble of symbols. The entropy and crack-time figures on the right are calculated directly from whatever you've selected, not a marketing-style strength meter. This generator also does not force at least one number or symbol into the result: requiring that would make the password very slightly less random than the math says, so your selected types are simply combined into one pool it draws from freely.
Random characters
18
Passphrase
6
Capitalizing words is just formatting, it doesn't add any real randomness. The random number at the end does, and that's reflected in the entropy figure.
This password and the details above are handed off to the QR tool on this device only, never through a link or a server. They're read once and immediately cleared.