How to generate strong passwords (and why password length beats complexity)

Password strength is one of those topics where the conventional wisdom is wrong. For years, every site demanded "at least one uppercase letter, one number, and one special character" as if those rules produced strong passwords. They don't. The math on password strength is simpler than the rules suggest, and it leads to a different answer than the one most sites enforce.

What actually makes a password strong

Password strength is measured in entropy — a number of bits that represents how many guesses an attacker would need to find the password on average. Entropy depends on two things: the size of the character set (how many possible characters can appear) and the length (how many characters there are).

The formula is straightforward: entropy = length × log₂(charset size). A password using lowercase letters only (26 characters) at length 8 has about 38 bits of entropy. Add uppercase (52) and you get 46 bits. Add numbers (62) and you get 48 bits. Add symbols (95) and you get 53 bits. Length 12 with all four character classes is about 79 bits.

The headline result: length beats complexity. Adding two characters to a lowercase-only password (10 chars instead of 8) buys more entropy than adding the entire symbol class to an 8-character password (8 chars with symbols). A 16-character lowercase-only password has 75 bits of entropy — more than a 12-character password with all four classes. And lowercase-only passwords are much easier to type.

How much entropy do you actually need?

Different threats need different strengths:

• 40 bits — enough to resist online brute-force attacks (most services rate-limit). Modest.
• 60 bits — enough to resist offline brute-force at modest scale. Fine for low-stakes accounts.
• 80 bits — enough to resist offline brute-force from a nation-state actor at current GPU prices. Sufficient for the average user's most sensitive accounts.
• 128 bits — the cryptographic standard. Resists any plausible attack for decades. Overkill for human-typed passwords; appropriate for cryptographic keys.

For your password manager's master password (the most important password in your life), aim for 80–100 bits of entropy. For one-off accounts, 60 is fine if you're using a password manager that generates unique passwords (so the same one isn't shared across sites). For cryptographic keys, follow the algorithm's standard.

Step-by-step with our tool

1. Open justfiletools.com/tools/password-generator.
2. Pick a length. 16 characters is the sweet spot for typed passwords; 24+ for password manager-only.
3. Pick character classes. Default is all four (uppercase, lowercase, numbers, symbols).
4. Optionally exclude similar characters (1/l/I, 0/O) to make hand-typing less error-prone.
5. Generate. The tool uses crypto.getRandomValues — the browser's cryptographically secure random number generator. Not Math.random, which is predictable.
6. Copy the password. The tool also shows the entropy in bits so you can verify it meets your target.

The math on common password formats

To put numbers on what we use in practice:

• Single dictionary word (10,000 common words) — about 13 bits. Crackable in under a second.
• Single dictionary word + 2-digit number ("password42") — about 20 bits. Crackable in seconds.
• Three random dictionary words (xkcd-style "correct horse battery staple") — 30+ bits if drawn from a real random list. The phrase is memorable and decent for human-typed use.
• 10-character random lowercase — 47 bits. Resists online brute-force.
• 16-character random all-classes — 105 bits. Resists offline brute-force.
• 32-character random all-classes — 210 bits. Cryptographically strong.

The XKCD-style passphrase deserves a note. The famous comic ("correct horse battery staple") suggests four random common words is stronger than a typical "complex" password. With a dictionary of 8000 common English words, four words is log₂(8000⁴) ≈ 52 bits. That beats most password-with-special-chars rules and is easier for humans to memorize. The catch: the words must be drawn randomly from a list, not chosen by a human (humans don't pick uniform at random, they pick familiar words and patterns).

Common pitfalls

Reusing passwords across sites. The biggest single password security issue. Pick a strong unique password per account using a password manager. If one site is breached and your password leaks, attackers try the same password on every other site you might have. With unique passwords, the breach is contained to the one site.

Trusting password strength meters. Most sites' password strength indicators are heuristic-based and don't capture true entropy. "Strong" by their metric can mean "you added a number and a capital letter to a dictionary word", which is actually weak. Trust the bit-count from our tool over a site's color bar.

Using passwords as the only auth factor. Even strong passwords can be phished. Enable two-factor authentication (2FA) on every account that supports it. The combination of a strong password and 2FA is much stronger than either alone.

Writing the master password down somewhere insecure. If you can't memorize your password manager's master password, the next-best step is writing it on paper and storing the paper somewhere physically secure (a safe). Don't store it in a file on the same computer that has your password manager — that defeats the purpose.

Alternative approaches

• Password manager built-ins. 1Password, Bitwarden, KeePass, and every other modern password manager has a built-in generator. Use it — they're cryptographically sound and integrated with the manager's auto-fill.
• Diceware. The XKCD-style approach with a published word list (7776 words). Roll physical dice five times per word; convert to the word in the list. Five words gives ~64 bits, memorable.
• Passphrases. A sentence you can remember, with deliberate typos or substitutions for added entropy. "ThePurp1eMonkey$Ate@Banana!" is memorable and has decent entropy. Weaker than pure random but acceptable for memorable contexts.

Privacy considerations

The password generator runs crypto.getRandomValues in your browser. The generated password never leaves your tab unless you explicitly copy it (and even then, only the clipboard sees it, not the network). Verify in DevTools — no requests during generation. For passwords that protect anything important, this matters; generators that send the password to a server (or that use Math.random instead of crypto) are weaker by design.

Related tools and guides

• Password Generator — the tool this guide covers.
• UUID Generator — for unique non-secret identifiers.
• Hash Generator — SHA-1/256/512 of text input.
• File Hash Verifier — verify downloaded files.