Password Generator


Hello

Do you need a new secure password? Maybe, you think you've been hacked (you can get an idea at have i been pwned?). Or, maybe you're being proactive and think it's just time to change your passwords. After all, password security guidelines recommend that you change your passwords periodically. Whatever the reason, this is a password generator to help you generate strong passwords.

The reasons above are valid themselves. But, if you're like me, you need a random password generator to create passwords when testing and creating software. That's why I created this handy, but powerful, tool. Now, I'm sharing it with you.


About Password Generator

This password generator aims to help you create strong passwords. A strong password is defined as one that is hard for other people, and computers, to figure out. These passwords help you stay safe online. These can be incredibly useful when its time for a password change.

A strong password is based on how a string of characters compares against a set of rules. The more rules that a password matches, the stronger the password. The more rules that you use when generating a password, the stronger the password. This is a fancy way of saying that, the more random and more variety of characters in use, the better.



Generate Your Safe Password


CHARACTER SETTINGS

{{ includeNumeralsLabel }}
{{ includeLowercaseLettersLabel }}
{{ includeUppercaseLettersLabel }}
{{ includeSymbolsLabel }}
{{ includeSpacesLabel }}


EXCLUSION SETTINGS

{{ excludeSimilarCharactersLabel }}
{{ excludeAmbiguousCharactersLabel }}


LENGTH SETTINGS

{{ useRandomLengthsLabel }}

YOUR NEW PASSWORD(S)
Password
Est. Crack Time
General
Strength
Relative
Strength
{{ result.password }}
{{ formatCrackTime(result.crackTime) }}

Based on your settings, there are roughly {{ formatPermutations }} password permutations possible.





Other Examples

Login Screen
login form
You've probably been asked for your password a million times. A login screen is where you'll see this request the most.

Frequently Asked Questions

1. Do you store these passwords?

No. These passwords are generated entirely in your browser. They are not sent to the Ecofic servers. If through some Elf magic, the passwords were sent to Ecofic, they would still not be stored in, or written to, the Ecofic databases.


2. Why is there a "general strength" and a "relative strength"?

These two values represent calculations of the strengths of the generated password. The general strength compares the password against all of the available characters and rules. However, some apps limit the characters that you can use. For example, a custom CRM app that you work with may allow letters and numbers in passwords. However, it might not let you use symbols like "@" in your passwords. For that reason, this tool also generates a "relative" strength.

The relative strength represents the strength when compared against the selected rules and characters. As a general rule of thumb, the relative strength will always be higher than the general strength. That is not necessarily a good thing. Rather, it's just the way the logic works. For that reason, the general strength should be favored.

If your app requires a limited set of characters for passwords, you may be at risk. You might consider updating your app security or your app altogether. If you need help with that, reach out now.


3. How are the strength ratings calculated?

The strength ratings are based on two things. First, they are based on the number of guesses a machine could take in a given second. Second, they're based on the number of characters that could, and are, used in a password. These two factors are used to identify how predictable the password is.

Once it's identified how long it could possibly take to crack a password, that time is compared against the following:

<30 days
max age (in secs.)
<1 year
max age (in secs.)
<1 millenium
max age (in secs.)
<1,000 millenia years
max age (in secs.)
<1,000 billion years
max age (in secs.)
>=1,000 billion years
min age (in secs.)

2,592,000

31,536,000

31,536,000,000

31,536,000,000,000

31,536,000,000,000,000

31,536,000,000,000,000
Table: General Ratings

The values above are used to identify the "general" strength. For the "relative" strength, a slightly different approach is used.

The "relative" strength is based on the rules you choose. Based on those rules, this tool calculates the maximum amount of time it could take to crack a password using the parameters mentioned above. The maximum amount of time is then compared against the amount of time it could take to crack the generated password. That information is taken and the following approach is used.

<50% of max time50-60% of max time60-70% of max time70-80% of max time80-90% of max time>90% of max time






Table: Relative Ratings

These ratings are not fool proof. These are estimations. In addition, things like password dictionaries are not compared with the generated passwords. Still, I've found this tool helpful.


4. What guarantee do I have this will work?

None. Use this utility at your own risk. In fact, a known flaw in this tool is that the generated passwords are not evaluated against online password dictionaries. Still, this tool has worked for my purposes. As bugs appear, I make changes to the code. But, you might try something I haven't come across or tested. If that happens, 1) Let me know and 2) Know that:

THIS UTILITY IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THIS UTILITY OR THE USE OR OTHER DEALINGS IN THIS UTILITY.