Secure Password Generator

Generate passwords securely on your device. No information is sent to our servers!
Source code is available here.


Passwords - Best practise

Keep your passwords strong

  • Use a minimum of 10 symbols, including numbers, both uppercase and lowercase letters, and special symbols.
  • Even better, use passphrases consisting of a minimum of 15 symbols using letters and numbers.

  • Avoid common password weaknesses

  • Easy-to-guess passwords, especially "password"
  • Your name, the name of your spouse or partner name, or other names
  • A string of numbers or letters like “1234” or “abcd”, or simple patterns of letters on the keyboard, like “asdfg”
  • Your phone number or your license plate number, anybody’s birth date, or other information easily obtained about you (e.g., your address, town or alma mater)
  • Passwords of all the same letter
  • Words that can be found in the dictionary
  • Default passwords, even if they seem strong
  • Any of the above followed or preceded by a single digit

  • Protect your password

  • It is vital to remember your password without writing it down somewhere, so choose a strong password or passphrase that you will easily remember. If you have a lot of passwords, you can use password management tools, but you must choose a strong master key and remember it.
  • Be aware of how passwords are sent securely across the Internet. URLs (web addresses) that begin with “https://” rather than “http://” are more likely to be secure for use of your password.
  • If you suspect that someone else may know your current password, change it immediately.
  • Change your password periodically (every 90 days for a strong password, every 180 days for a passphrase), even if it hasn't been compromised.
  • Don't type your password while anyone is watching.
  • Avoid using the same password for multiple websites containing sensitive information.

  • Follow password policy best practices for system administrators

  • Configure a minimum password length of at least 10 characters for passwords or 15 for passphrases.
  • Enforce password history, with at least 10 previous passwords remembered.
  • Set a minimum password age of 3 days.
  • Set a maximum password age of 90 days for passwords and 180 days for passphrases.
  • Enable the setting that requires passwords to meet complexity requirements. This setting can be disabled for passphrases but it is not recommended.
  • Reset local admin passwords every 180 days. This can be done with the free Netwrix Bulk Password Reset tool.
  • Reset service accounts passwords once a year during maintenance.
  • For domain admin accounts, use strong passphrases with a minimum of 15 characters.
  • Track all password changes by enabling password audit policies. This can be done with Netwrix Auditor for Active Directory.
  • Create email notifications for password expiration. This can be done with the free Netwrix Password Expiration Notifier tool.