Generate a cryptographically secure 12-character password in one click. The 12-character length is the modern minimum recommended by NIST SP 800-63B for most online accounts. Pick a different length from the chips below if you need 8, 16, 20, or 32 characters.
A 12-character password built from a 94-character pool (lowercase + uppercase + digits + symbols) yields 78.7 bits of entropy — well above the 60-bit floor that modern standards (NIST SP 800-63B, OWASP) call "strong." The math: 9412 = 4.76 × 1023 possible combinations. At 10 billion guesses per second (a fast offline GPU attack), that is roughly 2 million years to brute-force.
If you need a 16-character, 20-character, or 32-character password for higher-stakes accounts (email, banking, password manager vaults), the chips above switch the length in one click. For the recommended 12-character baseline, just hit "Generate Password" — the tool defaults to 12 characters on every load.
If you need a different length, the chips above switch in one click. Each length has its own entropy profile:
For a fully flexible length picker, see the Password Generator by Length tool. For just the basic length-less password generator, see Password Generator. To check a password's strength, see the Password Strength Checker.
This 12-character password generator creates a cryptographically secure password of exactly 12 characters. It uses crypto.getRandomValues (the Web Crypto API) to produce 78.7 bits of entropy from a 94-character pool (a-z, A-Z, 0-9, symbols). A 12-character password is considered 'strong' by modern standards (NIST SP 800-63B) and takes roughly 2 million years to crack at 10 billion guesses per second. Click 'Generate Password' for a new 12-character password, or pick a different length from the chips above.
A 16-character password uses the same 94-character pool as the 12-character default and yields 104.9 bits of entropy — 'extremely strong' by every modern standard. Many security experts recommend 16 characters for high-value accounts like email, banking, and password manager master passwords. To generate a 16-character password, click the '16 chars' chip below the length slider (or open /password_generator_by_length/ and pick 16 from the slider). 16-character passwords take roughly 1.18 × 1014 years to crack at 10 billion guesses per second.
A 16-character password is the modern sweet spot for high-value accounts — it produces 104.9 bits of entropy and is rated 'extremely strong' by every standard checker. To generate one, click the '16 chars' preset chip on this page (or any password tool on Toolzie). 16 characters is the default for many enterprise systems and is recommended by NIST SP 800-63B for top-tier security.
A 20-character password uses 131.1 bits of entropy and is 'extremely strong' — overkill for most consumer accounts but appropriate for password manager vaults, encryption keys, and admin credentials. To generate a 20-character password, click the '20 chars' preset chip on this page (or any password tool on Toolzie). 20 characters takes roughly 9.19 × 1021 years to crack at 10 billion guesses per second.
A 32-character password yields 209.7 bits of entropy and is the standard for password manager master passwords, encryption keys, and high-security admin credentials. To generate a 32-character password, click the '32 chars' preset chip on this page (or any password tool on Toolzie). 32 characters takes roughly 4.38 × 1045 years to crack at 10 billion guesses per second — well beyond the lifetime of the universe at any plausible attack rate.