buncha.tools
Stays on this device. Cryptographic-grade randomness from crypto.getRandomValues() — same source the Web Crypto API uses for keys. The page never sees or stores generated passwords; copy each one straight to your password manager.
Very strong
~125 bits of entropyOverkill for almost anything outside crypto keys.
Length20
About password length. For online accounts in 2026: 16 characters minimum for anything that holds money or identity (banks, primary email, password manager). 12-14 minimum for everything else, but only if random — if you're typing it from memory, length matters less than whether it's in a known breach corpus. The biggest single security upgrade most people can make isn't a longer password, it's a password manager. Stored passwords don't have to be memorable, so they can be 20-character random gibberish. Length matters more than character variety past the basics — a 20-character all-lowercase passphrase has more entropy than a 10-character mixed-case-with-symbols password.
Read the guide
How Long Should Your Password Be in 2026?

Pairs well with

QR Code Generator
Generate fancy QR codes — colors, shapes, logo, ve
Password Strength Checker
Test how strong your password is with detailed ana
UUID Generator
Generate cryptographically-strong UUIDs (v4 random
Slug Generator
Convert any title or phrase into a URL-friendly sl

About Password Generator

Generate strong, secure random passwords instantly. Customise length, include symbols, numbers, and uppercase letters. All randomness comes from the browser's Web Crypto API.

Strong passwords have two properties: long enough that brute-force is infeasible, and random enough that they can't be guessed from public information. 16+ characters with mixed case, numbers, and symbols hits the modern 'computationally infeasible to crack' bar for offline attacks.

Randomness comes from `crypto.getRandomValues()` — cryptographic-grade. Length defaults to 16 (the NIST 2024 recommendation). For passwords you have to type, use 12-14 with a passphrase generator instead. For passwords stored in a manager, longer is always better.

Common questions

Should I use a password manager?
Yes. Generated passwords like these are best stored in a manager (1Password, Bitwarden, Apple Keychain) — typing them by memory defeats the point.
How long should my password be?
16 characters minimum for online accounts, 20+ for high-value ones (banks, primary email). Length matters more than character variety past a point.
Are these passwords saved?
No. The page never persists them. Once you generate one, copy it to your password manager.

Like every tool on Buncha, this one runs entirely in your browser. There's no upload, no log, no record of what you've pasted or generated. Close the tab and the data is gone.

↳ Have feedback or found a bug? hello@buncha.tools
b
Built browser-first. Run by one developer.
Every tool runs on your device. No tracking pixels, no sign-up to start. The numbers below are pulled live from the registry.
240
Free tools
Across 14 categories
7
Visual editors
PDF · image · video · audio
32
Curated kits
By profession + lifestyle
17
AI tools
Powered by Claude API
Files never uploadNo tracking pixelsNo sign-up neededWorks in any modern browser
The handful of AI tools (paraphrase, summarise, blog, captions, etc.) send your prompt text to Anthropic's Claude API to do the work. Files, images, PDFs and video never leave your device. Pick the tools that fit your privacy comfort.