Password Generator

Cryptographically secure passwords and passphrases, with real crack-time estimates.

100% in your browser. Nothing you type ever leaves this page.

 

Why this generator is safe to use

Every password on this page comes from crypto.getRandomValues(), the same cryptographically secure random source your browser uses for TLS. Generation happens on your device, full stop. No request leaves the page when you click Generate, which you can verify in your browser's network tab. We use rejection sampling instead of the naive modulo trick, so every character has exactly the same probability of being picked. A surprising number of online generators get that detail wrong and quietly bias their output.
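The difference between the modulo trick and rejection sampling can be counted exactly for a 95 character set. The following is an added example, not this page's own source code; the function names and the 64-byte batch size are assumptions made for illustration.

```javascript
// Added illustration; function names are assumptions, not the page's code.
// Uses the global Web Crypto object in browsers and recent Node.js,
// falling back to node:crypto's webcrypto on older Node.js.
const rng = globalThis.crypto ?? require('node:crypto').webcrypto;

// 95 printable ASCII characters, space (0x20) through tilde (0x7e).
const CHARSET = Array.from({ length: 95 }, (_, i) => String.fromCharCode(32 + i));

// Naive mapping: every byte is used, so 256 % n indices get one extra hit.
function mapModulo(byte, n) {
  return byte % n;
}

// Rejection mapping: bytes at or above the largest multiple of n that
// fits in 256 are discarded (-1). Assumes n <= 256.
function mapRejecting(byte, n) {
  const limit = 256 - (256 % n);
  return byte < limit ? byte % n : -1;
}

// Run all 256 byte values through a mapping and count hits per index.
function histogram(map, n) {
  const counts = new Array(n).fill(0);
  for (let b = 0; b < 256; b++) {
    const i = map(b, n);
    if (i >= 0) counts[i]++;
  }
  return counts;
}

// Draw CSPRNG bytes in batches and keep only the accepted ones.
function generate(length, charset = CHARSET) {
  let out = '';
  while (out.length < length) {
    for (const b of rng.getRandomValues(new Uint8Array(64))) {
      const i = mapRejecting(b, charset.length);
      if (i >= 0 && out.length < length) out += charset[i];
    }
  }
  return out;
}
```

With the modulo mapping, the first 66 characters of the set are each reachable from 3 byte values and the remaining 29 from only 2; with rejection, every character is reachable from exactly 2.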

How strong is strong enough?

Strength is entropy, measured in bits, and nothing else. Each extra random character from a 95 character set adds about 6.6 bits; each extra word from our 1,024 word list adds exactly 10. The crack times the tool displays assume an attacker who stole a password database and runs an offline rig at 1 trillion guesses per second against a fast hash, which is what a handful of consumer GPUs achieve on MD5 or NTLM according to public hashcat benchmarks. The online estimate assumes 10,000 guesses per second against a rate-limited login form.

In practice: 12 random characters is the floor for accounts you care about, 16 is the comfortable default, and 20+ costs you nothing if a password manager does the typing. NIST SP 800-63B stopped recommending forced rotation and composition rules years ago; length and uniqueness are what survive contact with a real attacker. Our guide on how long passwords actually take to crack walks through the math with current hardware numbers.

Password or passphrase?

Use random passwords for everything a manager fills automatically. Use a passphrase for the handful of secrets you type with your hands: your manager's master password, your OS login, full disk encryption. Seven words at 10 bits each gives 70 bits, which holds up against offline attack, and "Maplerocket-Owlharbor-Frostpencil" style phrases are something you can actually type on a phone keyboard before coffee.

Common traps

The pattern "word + year + exclamation mark" feels strong and dies in seconds; cracking tools try those mutations first. Leetspeak swaps have been in every wordlist rule file since forever, so P@ssw0rd buys you nothing. And reuse is the real killer: one breached forum from 2019 plus credential stuffing equals a compromised mailbox today. The fix is boring and absolute: one unique password per account, stored in a manager.

Frequently asked questions

Is it safe to use an online password generator?

It depends entirely on where the generation happens. This generator runs in your browser using the Web Crypto API: the password is created on your device and never sent anywhere. You can confirm it with your browser's network inspector, or even disconnect from the internet after the page loads. Generators that create passwords server-side are the ones to avoid.

What password length should I use in 2026?

Use 16 characters or more for anything that matters, 20+ if a password manager types it for you. Below 12 random characters, offline cracking hardware gets uncomfortably close. Length adds entropy faster than any symbol rule.

Are passphrases weaker than random passwords?

Not when they are long enough. A 7 word passphrase from this generator has about 58 bits of entropy, comparable to a 9 to 10 character random password, but far easier to type and remember. For master passwords you type daily, a passphrase is usually the better trade.

Why does the tool exclude characters like O, 0, l and 1?

Only when you enable the "no look-alikes" option. It removes characters that are easy to confuse when reading a password aloud or copying it by hand: O versus 0, l versus 1 versus I. You lose a fraction of a bit of entropy and gain a lot of sanity for WiFi keys and codes shared with humans.

How accurate are the crack time estimates?

They are honest orders of magnitude, not promises. We assume an offline attacker doing 1 trillion guesses per second against a fast hash, which matches a small GPU rig running MD5 or NTLM per public hashcat benchmarks. Against a properly stored password (bcrypt, Argon2), real times are dramatically longer.