Skip to main content
Calctrove Calctrove

Passphrase Generator

Passphrase Generator

Create cryptographically random passwords and passphrases locally in your browser.

Private by design: Web Crypto only, no network submission.

Choose a format

This compact local word list needs more words than a Diceware list.

Advanced and batch settings

Generated secret

Strong · 84.0 bits

Local only
Choose valid settings to generate a result.
How the strength estimate works

Entropy is calculated from this generator's valid output space. Under an illustrative offline attack averaging 10 billion guesses per second, the midpoint search time is about 30.7 million years. Real risk depends on server hashing, breaches, reuse, phishing, and account protections; this is not a breach prediction.

Flow
  • Select one or more character classes.
  • Sample the full password with Web Crypto.
  • Reject and resample only when a selected class is missing.
  • Calculate entropy from the same valid output space used by generation.
Example

Worked example: 20-character password

  1. 1 Choose the Recommended 20 preset.
  2. 2 The tool samples locally until every selected character class is present.
  3. 3 Copy the masked result into your password manager without needing to reveal it.

A unique 20-character password is generated with Web Crypto and no server submission.

How
  1. Choose Random password or Passphrase.
  2. Use the recommended preset or adjust length and allowed characters.
  3. Copy the result directly into a password manager, then clear the generated secret.
Cases
  • Create a unique password for a personal or work account.
  • Generate a long secret for a password manager.
  • Produce private test credentials or a local batch for QA.
Avoid
  • Selecting no character classes before generation.
  • Using fewer than 15 characters for a password that is the only authentication factor.
  • Reusing a generated password across accounts or leaving it in clipboard history.
FAQ
How long should a generated password be?

For a password used as a single authentication factor, current NIST guidance sets a 15-character minimum. Longer unique passwords remain safer, especially when a site limits character variety.

Does the generator guarantee selected character classes?

Yes. It uses rejection sampling so every accepted password contains each selected class while remaining uniform across the valid output space.

Are generated passwords stored or sent to a server?

No. Generation runs locally with Web Crypto, output is masked by default, and this tool does not add generated secrets to its result-history component.

Switch
Switch12