CalcPro

Password Generator

Build a strong random password from chosen character sets.

How it works

This password generator creates random passwords by drawing characters from the sets you enable. You control the total length and which character types to include—uppercase letters, lowercase letters, digits, and special symbols. Each time you regenerate, the tool shuffles a fresh combination, ensuring no two passwords are identical unless you specifically request the same settings again.

The randomness is the key to security. Predictable patterns (like "Password123!") are vulnerable to dictionary attacks and brute-force guessing. A truly random password, especially a long one with mixed character types, is exponentially harder to crack.

The formula

Password strength = log₂(character pool size ^ length)

This represents the number of possible combinations. A 12-character password using all four character types (uppercase, lowercase, numbers, symbols) has roughly 94^12 ≈ 475 trillion possible combinations—far beyond what any attacker can feasibly test in reasonable time.

Worked example

Let's generate a secure password for a bank account.

Your settings:

  • Length: 16 characters
  • Uppercase: ✓ enabled (A–Z, 26 options)
  • Lowercase: ✓ enabled (a–z, 26 options)
  • Numbers: ✓ enabled (0–9, 10 options)
  • Symbols: ✓ enabled (!@#$%^&*, 32 common options)

Character pool size: 26 + 26 + 10 + 32 = 94 characters

Generation process: The tool randomly selects 16 characters from this pool of 94, one at a time. A possible output might be:

7mK#pL9@vQx2R$Hs

Breaking it down:

  • 7 – number
  • m – lowercase
  • K – uppercase
  • # – symbol
  • p – lowercase
  • L – uppercase
  • 9 – number
  • @ – symbol
  • v – lowercase
  • Q – uppercase
  • x – lowercase
  • 2 – number
  • R – uppercase
  • $ – symbol
  • H – uppercase
  • s – lowercase

Strength estimate: With 94^16 possible combinations (≈ 475 quadrillion), this password would take a modern computer trillions of years to crack by brute force alone.

If you need something shorter—say, a 10-character password for a less critical service—you'd still keep all four character types enabled. Even 94^10 (≈ 60 billion combinations) provides solid protection for everyday accounts.

Tips for strong passwords

Length matters most. A 16-character password with just lowercase and numbers is stronger than a 10-character password with all four types. Aim for at least 12 characters for important accounts (email, banking, password manager).

Use all four character types when the service allows. Not every site accepts symbols; in those cases, enabling uppercase, lowercase, and numbers is the next best choice.

Store passwords securely. Use a password manager (Bitwarden, 1Password, KeePass) to store generated passwords safely. Never paste them into unencrypted notes or email.

Regenerate until you're comfortable. There's no penalty for clicking the reroll button multiple times. Some people prefer passwords without consecutive repeated characters or patterns that look random—keep generating until you get one you trust.

Different passwords for different accounts. Reuse the same strong password across multiple sites, and one breach exposes all of them. Generate a unique password for each service.

Note: This calculator generates passwords client-side in your browser. No password is transmitted to any server or stored anywhere. For added peace of mind, disconnect from the internet before generating passwords for your most sensitive accounts (though this is rarely necessary).

Frequently asked questions

How long should my password be?

For critical accounts (email, banking, password manager), use at least 16 characters. For everyday services with lower risk, 12 characters is acceptable. Longer is always better—each extra character multiplies the number of possible combinations.

Should I include symbols?

Yes, if the service allows. Symbols expand your character pool significantly, making the password harder to crack. However, if a site rejects symbols, use uppercase, lowercase, and numbers instead.

Can I use this password multiple times?

No. Use a unique password for every account. If one service is breached, attackers won't gain access to your other accounts. A password manager makes managing many unique passwords effortless.

Is this generator truly random?

Yes. It uses your browser's built-in cryptographic random number generator (Web Crypto API), which is suitable for generating secure passwords. Each regeneration produces an independent random result.

What if I see a password I like but want to tweak it?

You can regenerate as many times as you need. There's no limit. Keep clicking until you get a password you're comfortable using—perhaps one without a pattern that bothers you, or one easier to type on your keyboard.

Can I copy the password directly from the generator?

Yes. The calculator typically includes a copy-to-clipboard button. This is the safest way to transfer the password to your password manager or account setup form, avoiding manual typing errors.