Password Generator FAQ
Answers to common questions about safety, privacy, strength rating, passphrases, and how to create strong passwords. Return to the generator.
01 Is this password generator safe?
Yes. Generation happens locally in your browser and uses cryptographically secure randomness (the Web Crypto API). No generated password is ever sent to a server.
02 Do you store or log generated passwords?
No. Nothing is stored or logged. The only data written to your browser is your theme preference (light or dark). Generated passwords never touch localStorage or any network request.
03 What is the security rating based on?
The strength bar is powered by zxcvbn-ts, which detects dictionary words, keyboard walks, dates, repeated characters, and common substitutions. We also calculate Shannon entropy (bits) as a secondary measure. Both run entirely in your browser.
04 What length should I use?
For most accounts, 16–20 characters with multiple character types is a strong baseline. For high-value accounts (email, banking, password manager master password), use 24+ characters or a long passphrase. If symbols are not allowed, add more length to compensate.
05 Can I type my own password here?
Yes. The password field is editable and strength analysis updates locally as you type. Nothing you type is sent anywhere.
06 What characters should a strong password include?
A strong password typically mixes uppercase letters, lowercase letters, numbers, and symbols. The more character types you include, the larger the pool each character is drawn from, which multiplies the total number of possible passwords an attacker must search through.
07 What is a passphrase and when should I use one?
A passphrase is several random words joined together — for example, 'correct-horse-battery-staple'. It is easier to memorize than a random character string while remaining highly resistant to brute force. Passphrases are ideal for master passwords and anywhere you need to type from memory. Use the Passphrase Generator to create one.
08 Is an online password generator safe to use?
It depends on how the generator works. InstantPassGen generates passwords entirely in your browser using the Web Crypto API — no network requests are made and no server is involved. You can verify this by checking your browser's Network tab: it will show zero outbound requests when generating a password.
09 How is this different from using a password manager's built-in generator?
Password manager generators are also good options. InstantPassGen is useful when you need a quick, one-off password without opening your password manager, when you want to verify a strength estimate independently, or when you need batch generation or passphrase options not available in your manager.
10 Does InstantPassGen work offline?
Once the page has loaded, yes — all generation runs in your browser with no network calls. For reliable offline use, you can save the page or use it as a PWA if your browser supports it.