Password Generator
Jana kata laluan rawak yang selamat dengan segera
Tentang alat ini
Cipta kata laluan yang selamat secara kriptografi dengan kawalan penuh ke atas panjang, set aksara, dan kuantiti. Togol huruf besar, huruf kecil, nombor, dan simbol, kecualikan aksara yang mengelirukan, serta semak kekuatan kata laluan dengan meter berasaskan entropi. Jana sehingga 20 kata laluan sekaligus dan salin secara individu atau secara pukal.
Ciri-ciri
- Panjang yang boleh dilaras dari 8 hingga 128 aksara
- Togol huruf besar, huruf kecil, nombor, simbol
- Kecualikan aksara yang mengelirukan (0, O, I, l, 1)
- Meter kekuatan berasaskan entropi
- Jana pukal sehingga 20 kata laluan
Kes penggunaan
Kongsi alat ini
Bantu orang lain menemuinya
Buat akaun percuma untuk menyahkan tera air
Simpan kerja anda, akses suite kreatif penuh, dan eksport tanpa tera air.
How to generate a strong password
Produce a cryptographically secure password, passphrase, or pronounceable string with visible entropy feedback.
- 1
Pick a mode
Random for password managers, Passphrase for memorable but strong, Pronounceable for verbal sharing.
- 2
Adjust length / word count / syllable count
Watch the entropy meter — aim for green (80+ bits).
- 3
Toggle character sets
Uppercase, lowercase, numbers, symbols. Optionally exclude ambiguous characters (0, O, l, 1, |, `).
- 4
Click Generate
Generates the requested quantity (1–20 at a time). Each run draws fresh bytes from crypto.getRandomValues.
- 5
Copy or reveal
Click the eye to reveal, the copy icon to send to clipboard. Use Copy All for bulk provisioning.
Soalan Lazim
Why three different modes — Random, Passphrase, and Pronounceable?
Random maximizes entropy (best for password managers). Passphrase stays strong (~60 bits for 6 words) while being memorable. Pronounceable trades some entropy for easy verbal sharing — useful for kiosks or one-time codes read over the phone.
How is randomness guaranteed?
We use `crypto.getRandomValues`, the browser's cryptographically secure random source — same primitive OS-level CSPRNGs use. On top of that we apply rejection sampling to eliminate modulo bias, so even characters at the end of small-modulus pools appear uniformly.
What entropy level is considered safe?
60 bits resists offline cracking by a serious attacker for years. 80 bits is resistant to any current adversary. 100+ bits is overkill but costs nothing extra to produce. The meter shows this at a glance — stay in green/primary for anything sensitive.
What exactly is a passphrase, and why is it often safer?
A passphrase combines multiple common words separated by a character, e.g. "garden-river-pencil-strong-sunset". Six random words from a 512-word list yield ~54 bits of entropy while being trivially memorable — most users cannot remember a 20-char random password, so they pick weak ones.
Does the tool send my passwords anywhere?
No. Generation is 100% client-side — nothing is transmitted to our servers, nothing is logged. You can verify by opening your browser devtools network tab while generating. Closing the tab clears every generated value.
What does "exclude ambiguous characters" do?
Removes characters that look alike at small font sizes: `0 O I l 1 | ` (backtick). Useful when a password has to be read from a screen or transcribed by hand. Slightly reduces entropy (pool shrinks by ~5 characters).