Strong passwords, in a click.

Frequently asked questions

How random are these passwords?

They use the browser's cryptographic random source (Web Crypto API's getRandomValues) — the same primitive that backs HTTPS and most password managers. Not pseudo-random, not predictable.

Is my password ever sent to your server?

Never. Generation, display, and copy all happen entirely in your browser. We have no way of seeing what you generated.

How long should a password be?

Modern guidance: at least 16 characters with mixed case, numbers and symbols. 20+ is what we recommend by default. Length matters more than complexity — a 20-character random password is effectively uncrackable.

What about passphrases?

Passphrases (random word sequences) are excellent if your tool supports them, but every site accepts random character passwords. Either approach is fine if the entropy is high enough.