Are my generated passwords stored or sent anywhere?

No. All password generation happens entirely in your browser using JavaScript. No data is ever transmitted to a server, and nothing is stored anywhere.

Password Generator — Random, Memorable & PIN

Strength —

Length

Uppercase (A–Z)

Lowercase (a–z)

Numbers (0–9)

Symbols (!@#$…)

Exclude ambiguous (0,O,l,1)

Number of words

Separator

Capitalise first letter

Add numbers

PIN length

Group digits (e.g. 1234 5678)

Recent (click to copy)

About the Password Generator

Weak and reused passwords are the most common cause of account breaches. This generator creates truly random, cryptographically secure credentials using your browser's built-in Web Cryptography API — the same standard used in banking and security applications.

Three password modes

Random — A mix of letters, numbers, and symbols. Maximum entropy for the length. Best for password managers where you don't need to type it.
Memorable — Random common words joined by a separator, like coral-tiger-48-lamp. Easy to type and remember while remaining highly secure. The number of words controls entropy: 4 words gives ~50 bits of entropy.
PIN — Numeric PIN for devices, ATM codes, or lock screens. Use 6+ digits for security.

How randomness works

All generation uses crypto.getRandomValues(), part of the Web Cryptography API. This is a cryptographically secure pseudo-random number generator (CSPRNG) — unlike Math.random(), it is suitable for security-sensitive use. Nothing is ever sent to a server.

Best practices

Use a unique password for every account. Enable two-factor authentication wherever possible. Store passwords in a trusted manager like Bitwarden, 1Password, or your browser's built-in vault.

Password manager best practices

A strong generated password is only useful if it is stored securely. Password managers (1Password, Bitwarden, Dashlane, KeePass) generate and store unique passwords for every account, require only a single master password to access all of them, and autofill credentials in browsers and apps. Using a password manager with unique passwords is the single highest-impact action for personal cybersecurity.

Bitwarden — open-source, audited, free tier includes all essential features
1Password — widely used in business settings; good family sharing features
KeePass — fully offline, local storage; maximum privacy, no cloud dependency
Browser-built-in — Chrome, Firefox, and Safari password managers are convenient but lack cross-platform sharing

Frequently Asked Questions

Is this password generator secure?

Yes. Passwords are generated using the Web Cryptography API (crypto.getRandomValues), a cryptographically secure PRNG — the same standard used in security software. Nothing leaves your browser.

What is a memorable password?

A memorable password combines random common words separated by a symbol or number, like coral-tiger-48-lamp. These are easier to type and remember than random character strings while providing strong security — 4 random words gives roughly 50 bits of entropy.

Are my passwords stored or sent anywhere?

No. All generation happens entirely in your browser using JavaScript. No data is transmitted to any server, and nothing is stored anywhere.

How long should a strong password be?

Security experts recommend at least 16 characters for important accounts. Mixed uppercase, lowercase, numbers, and symbols at 12+ characters are considered strong. For memorable passwords, 4 words is the minimum recommended.

Should I use a password manager?

Yes. A password manager lets you use a unique, strong password for every account without memorising them. Use this generator to create passwords, then store them in a trusted manager.