πŸ”’No files storedπŸ›‘HTTPS encrypted⚑Works in your browserπŸ†“100% free, no signup
πŸ”‘

Password Generator

Generate secure, cryptographically random passwords instantly. Nothing leaves your browser.

Click Generate to create a password
16
4 β€” too short16–20 recommended64 β€” maximum
πŸ”’

Uses crypto.getRandomValues() β€” the most secure browser API available. Passwords are generated locally and never leave your device.

Related Tools

Password Strength Checker
Try this tool β†’
PIN Generator
Try this tool β†’
Username Generator
Try this tool β†’

How to Use the Password Generator

Generate a cryptographically strong password in seconds using your browser's secure random source β€” never a server.

  1. Step 1: Choose a length β€” 16+ characters for important accounts.
  2. Step 2: Select which character types to include: uppercase, lowercase, digits, symbols.
  3. Step 3: Click Generate. A new password appears instantly with a strength indicator.
  4. Step 4: Copy the result straight into your password manager β€” never into a plain text note.

Common Use Cases

πŸ†•
New Account Sign-ups
Generate a unique password for every new service.
πŸ—„οΈ
Database Credentials
Strong passwords for production DB users and service accounts.
πŸ”‘
API Keys & Secrets
High-entropy strings for tokens, webhooks, and config.
πŸ“Ά
WiFi Passwords
Secure passphrases for your home or office network.

Frequently Asked Questions

What makes a password strong?

Length is the biggest factor β€” every extra character roughly doubles the search space. Add character variety (upper, lower, digit, symbol) and ensure the password is truly random, not a memorable pattern. 16+ random characters is the modern baseline.

Are generated passwords stored?

No. Passwords are generated locally in your browser using window.crypto.getRandomValues() and never sent anywhere. Once you close the tab, the password is gone unless you saved it yourself.

How random is the generator?

It uses the Web Crypto API's cryptographically secure random number generator β€” the same source used by browser-built-in password fills, TLS handshakes, and modern auth flows. Not the predictable Math.random().

Should I use a passphrase instead?

A 4-word random passphrase (e.g. correct-horse-battery-staple) has comparable entropy to a 12-character random string and is easier to type. For accounts you never type manually, random strings are fine.

What length is recommended?

12 characters minimum for low-stakes accounts; 16+ for anything containing personal data, money, or work access; 20+ for password manager master passwords and email accounts that gate everything else.

Why Use the ConvertDox Password Generator?

The thing that ruins most online password generators is also the most basic: they generate the password on a server and send it back to you. That's a problem because the server now has a record β€” however briefly β€” of a credential you're about to use. The ConvertDox Password Generator generates client-side using the browser's Web Crypto API, the same cryptographically secure source used by browser autofill and TLS. There is no server roundtrip, no logging, and no telemetry; you can verify this in your browser's network panel. The tool supports both random-string and passphrase modes, length up to 128 characters, and per-class toggles so you can produce credentials that fit the (sometimes arbitrary) rules of legacy systems. Need a database password without symbols? Toggle them off. Need a 6-digit PIN? Set length to 6 and digits only. Need a 32-character API secret? Done in one click. The generator also exposes a small recent-history panel so you can grab the last few generated values without re-running. Use it once and you'll stop reusing passwords across sites β€” which, statistically, is the single most important thing you can do to protect your online accounts in 2026.