PixHaul/Password Generator
Strong, random, copy-ready

Password Generator

Generate cryptographically secure passwords. Choose length and character sets, see strength, copy with one click. Nothing is sent anywhere.

Your password
Weak · 0b
Length
20characters
63264
Character sets
Why this tool

Built for fast, private, no-nonsense work.

Password Generator is part of PixHaul — a small set of browser-based tools we built because most of the “free online” alternatives are slow, ad-laden, and upload your files before they’ll process them. PixHaul does none of that.

Uses Web Crypto’s hardware-grade randomness — the same standard banks and password managers use, not Math.random().
Real-time entropy meter shows the math behind “strong”: how many bits of randomness, not just a coloured bar.
Optional “no ambiguous characters” mode strips 0/O, 1/l/I and similar look-alikes for passwords you’ll type by hand.
Nothing is sent anywhere. The password exists in your browser tab and your clipboard — that’s it.
How to use it

Password Generator in four steps.

  1. 1

    Pick a length

    Drag the slider between 6 and 64 characters. Anything 16+ is excellent. Anything 20+ is overkill in a good way.

  2. 2

    Choose character sets

    Lowercase, uppercase, numbers, symbols. Each set you add roughly doubles the strength per character. Symbols can be disabled if a site doesn’t allow them.

  3. 3

    Optionally remove ambiguous characters

    Useful for passwords you’ll type or read from a card. Costs a small amount of entropy.

  4. 4

    Copy and save

    Click Copy to put it on your clipboard. Click New to generate another. Then store it in your password manager — never reuse passwords across sites.

Common questions

Questions, asked & answered.

Is this password generator actually secure?

Yes. It uses crypto.getRandomValues, the Web Cryptography API’s hardware-backed CSPRNG. It’s the same standard used by major password managers. We do not use Math.random, which is not cryptographically secure.

Do you store or transmit my passwords?

No. The password is generated in your browser tab. It is never sent over the network. We have no servers that see it. The only place it goes is your clipboard when you click Copy.

How long should my password be?

16 characters with mixed sets is enough for everyday accounts. 20+ is great for important ones (email, banking, password manager master). The strength meter shows bits of entropy: 80+ is excellent.

What’s a good password setting for sites that ban symbols?

Turn off Symbols and bump the length to 24+. Without symbols you lose a few bits of strength per character, but you can compensate with length.

What is entropy?

Entropy measures how many guesses an attacker would need to brute-force the password. Each bit doubles the work. 80 bits means 2^80 guesses, which is computationally infeasible even with massive compute.

Should I memorize generated passwords?

No — use a password manager (your browser has one built in, and there are good standalone options). Memorize a single strong master password and let the manager generate and remember the rest.

More tools

QR Code Generator

Make QR codes for anything
Open

JSON Formatter

Pretty-print, minify, validate
Open

Color Converter

HEX · RGB · HSL · HSV
Open