Generate passwords securely on your device. No information is sent to our servers! Source code is available here.
Randomly Generated Password
Passwords - Best practise
Keep your passwords strong
Use a minimum of 10 symbols, including numbers, both uppercase and lowercase letters, and special symbols.
Even better, use passphrases consisting of a minimum of 15 symbols using letters and numbers.
Avoid common password weaknesses
Easy-to-guess passwords, especially "password"
Your name, the name of your spouse or partner name, or other names
A string of numbers or letters like “1234” or “abcd”, or simple patterns of letters on the keyboard, like “asdfg”
Your phone number or your license plate number, anybody’s birth date, or other information easily obtained about you (e.g., your address, town or alma mater)
Passwords of all the same letter
Words that can be found in the dictionary
Default passwords, even if they seem strong
Any of the above followed or preceded by a single digit
Protect your password
It is vital to remember your password without writing it down somewhere, so choose a strong password or passphrase that you will easily remember. If you have a lot of passwords, you can use password management tools, but you must choose a strong master key and remember it.
Be aware of how passwords are sent securely across the Internet. URLs (web addresses) that begin with “https://” rather than “http://” are more likely to be secure for use of your password.
If you suspect that someone else may know your current password, change it immediately.
Change your password periodically (every 90 days for a strong password, every 180 days for a passphrase), even if it hasn't been compromised.
Don't type your password while anyone is watching.
Avoid using the same password for multiple websites containing sensitive information.
Follow password policy best practices for system administrators
Configure a minimum password length of at least 10 characters for passwords or 15 for passphrases.
Enforce password history, with at least 10 previous passwords remembered.
Set a minimum password age of 3 days.
Set a maximum password age of 90 days for passwords and 180 days for passphrases.
Enable the setting that requires passwords to meet complexity requirements. This setting can be disabled for passphrases but it is not recommended.
Reset local admin passwords every 180 days. This can be done with the free Netwrix Bulk Password Reset tool.
Reset service accounts passwords once a year during maintenance.
For domain admin accounts, use strong passphrases with a minimum of 15 characters.
Track all password changes by enabling password audit policies. This can be done with Netwrix Auditor for Active Directory.
Create email notifications for password expiration. This can be done with the free Netwrix Password Expiration Notifier tool.