How strong is a 12-character password?
Twelve characters is a reasonable floor for accounts you care about; it clears the range where offline attacks against a fast hash become practical for a well-funded attacker.
With the character sets shown above, each position is drawn from a pool of 94
possibilities, so this password carries roughly 79 bits of entropy —
about 1024 equally likely combinations. Every character comes
from crypto.getRandomValues() using rejection sampling, so there is no
modulo bias skewing the result. Press the button above to generate a fresh one; the
entropy and crack-time figures update live if you change the length.
Want a different length or a memorable alternative? The full password generator lets you set any length from 8 to 128, and the passphrase generator builds word-based secrets that are easier to type. To see why a longer password is exponentially harder to crack, read how password entropy works.