Password Generator
Generate secure random passwords
Password strength is measured in bits of entropy — the higher the entropy, the longer it takes to crack. A 12-character random password has ~72 bits of entropy.
What is Password Entropy?
Entropy is a measure of unpredictability, expressed in bits. In the context of passwords, entropy quantifies how many guesses an attacker would need to try in order to crack the password through brute force. Each bit of entropy doubles the number of possible combinations.
A password with n bits of entropy means there are 2^n possible equally likely passwords the attacker must search through. For example, 50 bits of entropy means 2^50 (about 1.1 quadrillion) possible combinations, while 80 bits means 2^80 (about 1.2 sextillion) combinations.
The higher the entropy, the more resistant the password is to brute-force and dictionary attacks. However, entropy alone does not tell the full story — a password that appears in a breach database has effectively zero entropy regardless of its theoretical strength, because attackers will try known passwords first.
Password entropy is the single most important metric for assessing password strength. Length, character diversity, and true randomness all contribute to higher entropy. Patterns, dictionary words, and personal information all reduce effective entropy because they make the password more predictable.
Calculating Entropy
The formula for password entropy depends on the method used to generate the password:
Random Character Passwords
For a password of length L drawn uniformly at random from a character set of size C:
Entropy = L x log2(C)
| Character Set | Size (C) | Examples | Entropy per Character |
|---|---|---|---|
| Digits only | 10 | 0-9 | 3.32 bits |
| Lowercase letters | 26 | a-z | 4.70 bits |
| Lowercase + digits | 36 | a-z, 0-9 | 5.17 bits |
| Mixed case + digits | 62 | A-Z, a-z, 0-9 | 5.95 bits |
| All printable ASCII | 95 | A-Z, a-z, 0-9, symbols | 6.57 bits |
A 12-character password using all printable ASCII characters has 12 x 6.57 = ~79 bits of entropy.
Diceware Passphrases
For a passphrase of W words chosen randomly from a wordlist of size N:
Entropy = W x log2(N)
The standard Diceware list contains 7,776 words (6^5, corresponding to five dice rolls). Each word adds log2(7776) = ~12.9 bits of entropy.
| Words | Entropy | Strength Level |
|---|---|---|
| 3 words | ~39 bits | Weak (online-only with rate limiting) |
| 4 words | ~51 bits | Moderate (adequate for most online accounts) |
| 5 words | ~64 bits | Strong (recommended minimum for important accounts) |
| 6 words | ~77 bits | Very strong (suitable for master passwords) |
| 7 words | ~90 bits | Excellent (cryptocurrency wallets, encryption keys) |
Entropy vs Cracking Time
The time to crack a password depends on both the entropy and the attacker’s speed (measured in guesses per second). The following table assumes an offline attack against a fast hash (like unsalted SHA-256) at 10 billion guesses per second:
| Entropy (bits) | Combinations | Estimated Cracking Time |
|---|---|---|
| 40 | ~1 trillion | Seconds |
| 50 | ~1 quadrillion | Hours |
| 60 | ~1 quintillion | Months |
| 70 | ~1 sextillion | Years |
| 80 | ~1.2 x 10^24 | Centuries |
| 90+ | ~1.2 x 10^27 | Heat death of the universe |
Passphrase vs Random
There are two main approaches to generating strong passwords, each with trade-offs.
Random Character Passwords
Random character passwords maximize entropy per character. A 16-character random password using the full printable ASCII set provides about 105 bits of entropy — extremely strong. However, strings like k7$Qm!xR9pL#vW2n are difficult to memorize and painful to type on mobile keyboards.
Random passwords are best suited for situations where a password manager handles storage and autofill. If you are using a password manager (and you should be), random character passwords are the optimal choice because memorability is irrelevant.
Diceware Passphrases
Passphrases use multiple randomly chosen words, typically separated by hyphens or spaces. A 5-word Diceware passphrase like lunar-fabric-ocean-timber-quartz has about 64 bits of entropy — strong enough for most purposes — and is dramatically easier to remember and type.
The key insight is that passphrase security comes from the randomness of word selection, not from the obscurity of the words themselves. Each word must be chosen by a truly random process (dice rolls or a cryptographic random number generator), not by a human picking words that “seem random.”
Passphrases are ideal for master passwords (password manager vaults, disk encryption) where you must type the password from memory and cannot rely on autofill.
Which Should You Choose?
| Scenario | Recommendation |
|---|---|
| Stored in a password manager | Random 16+ characters |
| Must memorize (master password) | Diceware 5-6 words |
| Must type frequently on mobile | Diceware 5-6 words |
| High-security (encryption keys) | Random 20+ characters or Diceware 7+ words |
Common Use Cases
- Account registration: Every new account should receive a unique, randomly generated password stored in a password manager. Reusing passwords across services is the single biggest security mistake most people make
- Master password creation: The one password you must memorize — the master password for your password manager — should be a strong Diceware passphrase (5+ words) since it protects all your other credentials
- API key generation: API keys and tokens should be generated using cryptographically secure random number generators with sufficient entropy (128+ bits) to prevent guessing attacks
- Encryption key derivation: Full-disk encryption (BitLocker, LUKS, FileVault) and file encryption (GPG, age) derive their encryption keys from your passphrase. Weak passphrases undermine the entire encryption
- Wi-Fi passwords: WPA2/WPA3 pre-shared keys should have at least 60 bits of entropy. A 5-word passphrase or 10+ random character password is the minimum recommendation
- Two-factor recovery codes: Backup recovery codes must have enough entropy that an attacker cannot guess them within a reasonable number of attempts, even if they have access to one factor
Try These Examples
A 16-character password using uppercase, lowercase, digits, and symbols (~95 printable ASCII characters). Entropy: log2(95^16) = ~105 bits. At 10 billion guesses per second, this would take trillions of years to brute-force.
k7$Qm!xR9pL#vW2n This password appears in every major breach dictionary. It has near-zero effective entropy because attackers try dictionary words and common patterns first, before brute-force. It would be cracked in under a second.
password123 A 4-word passphrase from a ~7,776-word list (Diceware). Entropy: log2(7776^4) = ~51 bits. Easier to remember than random characters, and still strong against online attacks with rate limiting.
correct-horse-battery-staple