How strong is a 8-character password?
Eight characters is the old minimum many sites still enforce — fine for a throwaway account behind a rate-limited login, but short enough that you should not reuse it anywhere that matters.
With the character sets shown above, each position is drawn from a pool of 94
possibilities, so this password carries roughly 52 bits of entropy —
about 1016 equally likely combinations. Every character comes
from crypto.getRandomValues() using rejection sampling, so there is no
modulo bias skewing the result. Press the button above to generate a fresh one; the
entropy and crack-time figures update live if you change the length.
Want a different length or a memorable alternative? The full password generator lets you set any length from 8 to 128, and the passphrase generator builds word-based secrets that are easier to type. To see why a longer password is exponentially harder to crack, read how password entropy works.