Password Generator

Generates secure random passwords. Single, bulk, strength audit and breach checking.

What it does

Use this to create strong passwords for new accounts, audit whether your old password is still safe, generate a list of passwords for your team, or check if a password appears in known data breaches.

How to use

Four tabs:

Generate

  1. Pick a strategy: Random, Passphrase, Pronounceable, PIN.
  2. Set length and character classes.
  3. Click Generate.
  4. The right side shows strength score and crack-time estimate.

Bulk

  1. Set strategy and parameters.
  2. Set how many to generate (1-10000).
  3. Click Generate.
  4. Export the table as CSV.

Audit

  1. Type or paste a password.
  2. See strength score, entropy and breach status (if available).

Settings

Saves preferences, configures the breach-database source.

Strategies

StrategyResult
RandomPure random characters (Xj#9!mLp2qR). Most secure.
PassphraseMultiple words (correct-horse-battery-staple). Easier to remember.
PronounceableA pronounceable made-up word (maboruga). Good when spoken aloud.
PINDigits only (4-12). For phone/ATM use.

Character classes

  • Uppercase (A-Z)
  • Lowercase (a-z)
  • Digits (0-9)
  • Symbols (! @ # $ % etc.)
  • Custom extra characters
  • "Exclude ambiguous chars" option (removes confusing ones like 0Oo1lI)

Strength score and breach checking

  • Entropy (bits): Mathematical strength. 80+ bits is considered safe.
  • Score (0-100): Colour-coded (red weak, green excellent).
  • Crack time: Estimated time to break on a modern GPU.
  • Breach check: Whether the password appears in the HIBP (Have I Been Pwned) database. The full password is never sent (k-anonymity).

Examples

New email password: Generate, Random, length 16, every character class, Generate. Strong and secure.

50 passwords for the team: Bulk, Passphrase, 50 count, generate, export as CSV.

Audit an existing password: Audit, paste the password, see the score and breach status.

Meeting-room door PIN: Generate, PIN, 6 digits, generate. Easy to share verbally.

Watch out

  • Generation is cryptographically secure (Python secrets module), not predictable.
  • The breach-check API call is off by default. Turn it on in Settings, and only the first 5 chars of the SHA1 hash leave your machine.
  • Pronounceable passwords are weaker than Random, only use them when you need to say them aloud.
  • Short passwords (under 8) do not withstand modern attacks.
  • Generated passwords are not saved in history, leaving loses them. Copy them somewhere safe right away.

License

Free tier has a daily generation cap. Office and Ultimate plans remove it.