Client-side crypto · zero logs

Passwords they can't crack.

Three generation modes. Live entropy. Realistic crack-time estimates. The catch? There isn't one — it runs entirely in your browser and we never see the output.

Client-side onlycrypto.getRandomValues()Live entropy meterCrack-time estimatesFree · no account
Generated password

Maximum entropy. Hard to type, strongest security.

20
4128

Length beats complexity.

A 20-char lowercase password has 94 bits of entropy. An 8-char password with every character class has 52 bits — over 16 million times weaker. Passphrases are the same story: 6 common words beat most complex passwords an attacker can actually crack.

Strength
very strong
124bits of entropy
Avg. offline crack time
3,370 trillion years
At 10¹¹ guesses/sec (modern GPU cluster)

Zero-logs, zero server.

Passwords are generated in your browser with crypto.getRandomValues. No data ever reaches MalwareTips servers.

Recent · session only

Regenerated passwords appear here. Never saved to disk.

Know your adversary

How strong is strong enough?

The right entropy depends on who's trying to crack it. Below are three attacker tiers, with roughly how long a 40-, 60-, and 80-bit password buys you against each.

Online throttled~100 guesses / sec

Credential-stuffing attacker hitting a normal login form with rate limiting.

40 bits
4 months
60 bits
11,000 years
80 bits
10¹⁰ years
Offline GPU cluster~10⁹ guesses / sec

Attacker has the hashed password dump. Cracking with modern GPUs against bcrypt/Argon2.

40 bits
18 minutes
60 bits
12 days
80 bits
340,000 years
Nation-state~10¹² guesses / sec

Targeted, well-funded adversary with vast GPU compute. Worst plausible case.

40 bits
1 second
60 bits
17 minutes
80 bits
340 years

Estimates assume the defending site uses bcrypt / scrypt / Argon2id hashing. If it still stores plain SHA-256 or MD5 (common but poor practice), shift attacker times 100–1000× faster — meaning 40-bit passwords are already gone for any meaningful adversary.

Why this generator

Six things that matter.

Most password generators hide their math and ask you to trust them. This one shows the entropy, explains the crack-time, and lives entirely in your browser so there's nothing to trust anyway.

01

Three generation modes

Random (max entropy), passphrase (easy to memorise), pronounceable (readable syllables). Pick the shape that fits the use case.

02

Cryptographic RNG

Every character is produced by your browser's crypto.getRandomValues() — the same primitive banks and TLS libraries use. No Math.random, no seeded PRNG.

03

Live entropy meter

See the bit-entropy update as you tune the options. 60+ bits = strong. 80+ = excellent. Below 40 = you're one leaked rainbow table away from trouble.

04

Crack-time estimates

Realistic costs for a modern attacker at three budget tiers — online throttled, offline GPU cluster, nation-state. Tells you how long your password actually buys.

05

No logs, no storage

Passwords never leave your browser. No network call, no telemetry, no cached history on our server. Clear the tab and they're gone.

06

Free · no account

No sign-up, no email, no upsell to a password manager. This is a straight utility — paste into your manager of choice and move on.

Privacy by design

Nothing ever leaves this page.

Every password is generated by window.crypto.getRandomValues() — a cryptographic primitive built into your browser. No network call, no telemetry, no cached history. Open your browser's DevTools Network tab and watch for yourself — you'll see zero requests as you generate.

Inspect the Network tabView source is the receipts
Password FAQ

Questions worth asking

Six common questions about passwords, entropy, and why you can trust a generator you didn't write yourself.

Do passwords really never leave my browser?
Correct. Every character is produced by window.crypto.getRandomValues() client-side. There is no network call associated with generation — you can verify this yourself by opening DevTools Network tab and watching as you generate. We never see the output, so we couldn't log it even if we wanted to.
Which mode should I use?
Random for anything a password manager will remember for you (max security, hard to type). Passphrase for anything you'll type repeatedly or need to recite (phone lock, BitLocker, master password). Pronounceable as a middle ground — useful for temporary accounts or when you might need to dictate a password over the phone.
How many bits of entropy is strong enough?
60 bits is the modern floor for anything important — that's resistant to offline cracking by a well-funded adversary for at least years. 80+ is excellent and well within the generator's defaults. Below 40 is only safe against online-throttled attacks — assume anything that rate-limits logins rather than giving attackers a hashed dump.
Why does length matter so much more than special characters?
Entropy scales linearly with length and logarithmically with character-set size. Going from 8 → 12 characters adds roughly 26 bits of entropy (lowercase + digits); adding symbols to an 8-character password only adds ~6 bits. Long beats exotic every time — that's why passphrases with four common words beat cryptic 8-char passwords despite looking weaker.
Can I trust the crack-time estimates?
They're order-of-magnitude, not precise. We assume bcrypt/Argon2id-class hashing (what responsible sites use) and ~2024 GPU costs. For sites still using plain SHA-256 or MD5 (poor choices, but they exist), attackers crack 100–1000× faster, so shift the times accordingly. For any site that still uses plain hashing, assume 40-bit passwords are already gone.
How is this different from 1Password's or Bitwarden's generators?
Functionally nearly identical — same crypto primitives, same entropy math. Our generator is useful as a standalone, no-install, no-account web page: for quick one-off passwords, for the password to your password manager itself, or when you're on someone else's machine and don't want to install anything. For everyday use, generate inside your password manager where it's immediately stored.