Password / Passphrase GeneratorGenerate strong random passwords or memorable passphrases, right in your browser.

Type
Options
Ready.

Your passwords and passphrases are generated in your browser with the Web Crypto API. Nothing is sent to BroBroGo.

FAQ

How is the randomness generated?

Every character and every word is picked with the browser's Web Crypto API (crypto.getRandomValues), the same cryptographically secure source used for encryption keys — never Math.random(). Each pick uses rejection sampling so no character or word is ever favored over another.

Should I use a password or a passphrase?

A random password packs more entropy per character, so it's the better choice wherever a password manager will store and autofill it for you. A passphrase (several real words strung together) is easier to type or read aloud from memory, which makes it a better fit for things you actually have to type by hand — a device unlock code, a Wi-Fi password, or your password manager's own master password.

What does the entropy number mean?

It's the number of bits of randomness in the generated value — for a password, length times log2 of how many characters could appear in each position; for a passphrase, word count times log2(7,776), the size of the wordlist. Higher is harder to brute-force. It assumes an attacker already knows the exact method used to generate the value, so it's a measure of raw randomness, not a full crack-time estimate against dictionary or pattern-based attacks.