Skip to content
ConvenTools

Password Generator — Strong Random Passwords

Runs in your browser — your files never leave your device

Create strong, random passwords in your browser. Choose the length and which character sets to include; every password is generated with a cryptographically secure random source and never leaves your device.

Estimated entropy: 129 bits · Very strong. Generated on your device.

How to use it

  1. 1
    Set the length

    Drag the slider to choose how many characters you want (4–128).

  2. 2
    Pick character sets

    Toggle lowercase, uppercase, numbers and symbols to match the site’s password rules.

  3. 3
    Generate

    Click Generate for a fresh password; the estimated entropy updates as you change options.

  4. 4
    Copy

    Copy the password with one click. It was generated on your device and never sent anywhere.

What makes a password strong

Strength comes from length and unpredictability. A longer password drawn from a larger alphabet has more entropy — the number of guesses an attacker would need to try. This tool shows the estimated entropy in bits so you can see the effect of each choice as you make it.

Generated locally, never stored

Each password comes from your browser’s crypto.getRandomValues with rejection sampling, so every character is equally likely — there is no modulo bias. Nothing is uploaded, logged or stored; close the tab and the password is gone.

Frequently asked questions

Are the passwords generated on a server?

No. They are generated entirely in your browser with a cryptographically secure random source; nothing is uploaded or stored.

How random are they?

They use crypto.getRandomValues with rejection sampling, so every character in your chosen alphabet is equally likely — there is no modulo bias.

What length should I use?

For most accounts, 16 or more characters with mixed sets is strong. For high-value accounts, go longer. The entropy readout helps you compare choices.

Can I include symbols?

Yes. Toggle the symbols set on or off to satisfy a site’s specific password requirements.