Most people know their passwords are weak. They just do not know how to fix it without ending up with something impossible to remember. This tool solves that. Enter three words you will remember, and we will turn them into a password that meets modern security standards.
Pick three words that mean something to you. A place, an object, a name. Anything you will actually remember. Your words never leave your browser.
Select which character types to include (lowercase, uppercase, numbers, symbols, spaces) and set your desired password length using the slider.
Click the button. Your words are strengthened with randomised letter substitutions, capitalisation, and padding characters. The result is a password that is both strong and memorable. Copy it with one click.
Pro tip: Choose words you will remember easily, but avoid obvious personal details like your name, birthday, or company name. A combination like “telescope marble cathedral” is much harder for an attacker to guess than “sarah 1990 london.”
Standard lowercase letters. Enabled by default. Almost every system accepts these.
Capital letters. Enabled by default. The tool randomly capitalises some letters in your words and adds uppercase characters in the padding.
Digits. Enabled by default. The tool uses "leet speak" substitutions (for example, replacing "e" with "3" or "a" with "4") and adds random numbers as padding.
Special characters. Enabled by default. These dramatically increase password strength. If a system does not accept certain symbols, you can untick this.
Allows spaces between characters. Disabled by default. Some systems support spaces in passwords, which can make them longer and harder to crack. Enable this if your system allows it.
Meets basic requirements but is not recommended for important accounts.
A solid length for most accounts. Provides strong protection against brute-force attacks.
Excellent for high-value accounts like your email, banking, or admin logins. The longer the password, the exponentially harder it is to crack.
After generating your password, a strength bar appears showing how secure it is. This is based on the password’s entropy, which measures how unpredictable it is.
The password is too short or uses too few character types. Increase the length or enable more character types.
Meets minimum requirements but could be stronger. Consider increasing the length.
A solid password for most accounts.
Well above average. Suitable for important accounts.
Excellent. This password would take an impractical amount of time to crack with current technology.
The detail line below the bar shows the exact character count, entropy in bits, and the character pool size used in the calculation.
Weak passwords are still the single biggest cause of data breaches. According to Verizon’s Data Breach Investigations Report, over 80% of hacking-related breaches involve stolen or weak credentials. And it is not just the obvious ones. Even passwords that feel “good enough” are often crackable in minutes by modern tools.
xK9#mP2&vQ7!nR4$. So they reuse passwords, write them on sticky notes, or fall back to the same predictable patterns. This user password generator takes a different approach. Start with words you already know. We apply the security techniques (leet substitutions, mixed case, symbol injection, length padding) automatically. You get a password that a human can recall but a machine cannot easily crack.
You start with three words you choose. The tool strengthens them for you. That means you are far more likely to remember the result than a random string of characters.
Every random element (substitutions, capitalisation, padding characters) is generated using your browser's built-in cryptographic engine, not the weaker Math.random() found in most online tools.
Your words are processed entirely on your device. Nothing is sent to any server. Nothing is stored. Nothing is logged. The code runs locally in your browser and that is it.
A live strength meter shows you exactly how strong your password is, with entropy calculations so you know the actual security level, not just a vague "strong" label.
Need uppercase? Tick the box. Need symbols? Tick the box. Need a specific length? Use the slider. The tool adapts to whatever password policy your organisation requires.
If one gets compromised, the rest stay safe. A password manager makes this practical.
Passwords are just one piece of the puzzle. Our free IT Health Check assesses your entire infrastructure, security posture, and licensing.