This utility provides strong, secure, random passwords. The password is created solely on the webpage and never transmitted over the internet to ensure the best possible security.

Traditionally, a password is a combination of characters such as letters, symbols, and numbers, which serves the purpose of restricting access to an account. The rampant use of technology and the internet in today's world makes it highly probable that almost everyone has encountered some sort of password protecting an account. Therefore, it is necessary to know how to adequately formulate a strong password (or use a password-generating tool) and understand how to safeguard that password.

Password strength

Measuring how effective a password is against being guessed or brute-force attacks determines password strength. Password strength, regardless of variability, is an estimation of the number of attempts needed to guess a password. This number is largely derived from the length, complexity, and randomness of the password. Using a name, birth date, or any personal details usually makes a password generator easier—and therefore weak.

These additional aspects, besides the password itself, have been mentioned as proper security measures that dramatically lower the chances of a breach occurring. Other than the password generator, security measures need to be placed that log or keep track of users who might pose a threat. These include two-step verification systems on passwords and temporarily suspending accounts after a given number of incorrect attempts.

A password generator’s security can be achieved by following a specific set of guidelines. This mainly refers to constructing a strong password that is difficult to crack; however, there are other factors to consider, such as the need to change one’s password regularly through our password generator and being aware of other weak passwords (password, 123456, qwert…). Enumerated below are some of the basic rules of thumb that deal with formulating a password:

Use lower-case letter(s) [a-z]
Use upper-case letter(s) [A-Z]
Use numbers [0-9]
Use symbols [!@#$%^&*()…]

Do not use personal information related to the user.

Do not use words found in a password blacklist that can exist on the Internet, or it is possible that some company or other institution may have its own set of password blacklists.

Do not use the name of the company or institution together with its abbreviations.

Avoid passwords that are associated with popular formats like dates of the calendar, license plates, telephones, or other ordinary numerical formats.

Also, add any policies or rules that may be associated with the other passwords in use because policies relating to them include a specified limit on the number of characters. Usually, the more characters in a password and the higher the number of character types used, the safer the password will be. Unlike other random password generators, this one allows the user to omit ambiguous characters. Such characters include computer-distinguishable letters “I” and “L.”

This is very important for random password generators. Sometimes, an uppercase “i” can be mistaken for a lowercase “l” or the number 1. The user getting locked out of their own account due to characters being too similar or confusing is baffling, to say the least. Keep in mind, however, omissions typically make a password weaker.

Password Entropy

In addition, the generator also calculates the password entropy, which is represented in bits. The higher the value, the more impossible it makes guessing the password. If a password had an entropy of 100 bits, it would require 2100 attempts to guess it and exhaust all possibilities. In reality, a brute force search would require around half those attempts to find the correct option, however.

How to keep your password safe

Along with coming up with a strong password generator, taking measures to protect it is just as vital. Listed below are some strategies that may help safeguard your password. While there may be countless other strategies someone can employ, these are some basic guidelines that may be helpful.

Don’t share the password with anyone else—a user should ideally be the sole possessor of his or her password. Even in circumstances where you trust the person with whom you share your password, they may not be as careful as you would be when it comes to protecting a password. The more people that know a password generator, the more the chances of the information getting stolen increase.

Don't use the same password across different websites and accounts—it may be easier to remember a uniform password to access your multiple accounts; however, using the same one poses a great risk. No matter how robust your password generator is, having the same one set for all accounts could result in any single account security breach becoming the downfall of all your accounts.

With the help of a password manager, it is easier to manage multiple accounts and passwords. Most importantly, it enhances security because diverse passwords can be set on different accounts, which are easier to manage. Spending some time searching for the right password manager can prove worthwhile, as there are many available.

Change your passwords regularly—this is another one of the steps you could add, which is helpful and at the same time cumbersome, but in theory could improve the security of your accounts. This helps in scenarios where someone who has access to your password does not want to do anything malicious to your accounts immediately.

In such scenarios, changing the password limits the amount of time the person has unregulated access to the account, assuming that the person cannot figure out the new password. In circumstances where you had stored the password on a device that you no longer use, changing the password will render the retrieved password useless.

Never save your passwords to public devices— In an ideal world, stopping the saving of passwords altogether would serve as a better precautionary measure to mitigate the chances of gaining unauthorized access to accounts. Along the same lines, taking precautions when accessing sensitive accounts on unprotected public networks should be of the utmost priority.

Avoid keeping explicit lists of your passwords that can be accessed physically or electronically. This includes sticky notes with accounts and passwords, documents named "passwords" on your desktop, or even notes stored on your phone.

It is wise to use a password manager instead. Mobile phones and notebooks are susceptible to theft or loss. Ideally, a person should have a reliable memory for different passwords and accounts and use a password manager to assist when needed.