Security guide
Criteria, examples, and how our generator works.
Secure passwords are an important component of IT security. Here are the most important criteria:
Length
The longer a password is, the harder it is to crack (e.g., by brute-force attacks). A password should be at least 12 characters long.
Complexity
Use a combination of uppercase letters (A-Z), lowercase letters (a-z), numbers (0-9), and special characters (!, @, #, $, %, etc.).
No personal information
No name, date of birth, place of residence, or simple keyboard patterns like 123456, qwerty, password, admin, hello123.
No reused password
Use a unique password for each website/service. If one service is compromised, the others are not automatically at risk.
Regular updates
Passwords should be changed regularly – especially when suspecting a data breach.
Password manager
Use a password manager that stores secure random passwords (e.g., in the browser).
Examples and Comparisons
Weak Passwords
password123
admin
12345678
qwerty123
myName2024
These passwords can be cracked in seconds. 'password123' appears in over 5 million data leaks.
Strong Passwords (generated)
K9#mP2@vL8&nR
F$7wQ4!xN9^bT
H@2kM5#pS8&vX
These passwords have an entropy of 78.6 bits and would take 1.7 million years to crack at 10 billion attempts/second.
Generator Methodology
Our password generator is based on cryptographically secure random numbers and follows the recommendations of the NIST (National Institute of Standards and Technology).
Cryptographic Randomness
Uses the Web Crypto API for true random numbers, not pseudo-random numbers like Math.random(). This meets standards for banking and government applications.
Entropy Calculation
Each character set contributes to entropy: uppercase (26), lowercase (26), numbers (10), symbols (32). A 12-character password with all sets has 94^12 ≈ 4.7 × 10^23 combinations.
Security Validation
Passwords are validated against common patterns and dictionary attacks. No sequential characters, repeated patterns, or weak combinations are generated.