Password Generator

A strong password has three essential qualities: length, complexity, and uniqueness. Length is the single most important factor — each additional character multiplies the number of possible combinations exponentially. A 12-character password using all character types (lowercase, uppercase, numbers, symbols) has about 475 trillion trillion possible combinations, while an 8-character password has only 6 quadrillion — roughly 79 billion times fewer possibilities. Complexity comes from using a diverse character set: lowercase letters provide 26 options per position, adding uppercase doubles it to 52, digits bring it to 62, and symbols push it to 94 or more. But length trumps complexity every time: a 20-character lowercase-only password (2.0 × 10²⁸ combinations) is vastly stronger than an 8-character password using all character types (6.1 × 10¹⁵ combinations). Uniqueness means never reusing a password — if one service suffers a data breach, attackers will try that same password on every other site you use through credential stuffing attacks.

Entropy, measured in bits, quantifies the randomness in a password. The formula is: entropy = length × log₂(charset_size). A 16-character password using the full 94-character set (lowercase + uppercase + numbers + symbols) has about 104.8 bits of entropy. Every additional bit of entropy doubles the number of guesses an attacker needs to make. For context: 40 bits of entropy can be cracked in seconds by modern hardware, 60 bits takes hours, 80 bits takes years, and 128+ bits is considered uncrackable with current technology. Passphrases derive their entropy differently — from a word list size raised to the power of the word count. A 4-word passphrase from a 200-word list has log₂(200⁴) ≈ 30.6 bits, while 5 words gives ~38.2 bits. Adding capitalization, separators, and random numbers significantly boosts passphrase entropy. The key insight: entropy must come from truly random selection. A human choosing 'Password123!' might use uppercase, lowercase, numbers, and symbols, but it has near-zero effective entropy because it follows an extremely predictable pattern.