ToolsTuna

How to Generate a Truly Strong Password (and Why Most Aren't)

May 20, 2026 · 6 min read

Why Your "Strong" Password Probably Isn't

Most password strength meters are theater. They count whether you used an uppercase letter, a digit, and a symbol, give you a green bar, and call it a day. `P@ssw0rd!` clears every box and shows up in the top 100 of every leaked password list ever published. `Summer2024!` does too. So does `Liverpool#1`. The meter is measuring **structure**, not **randomness** — and structure is exactly what attackers exploit.

Real password strength has one and only one definition: **entropy**, measured in bits. Entropy is the log₂ of the total number of passwords your generation process could have produced. If your process could have produced a million different passwords, that's about 20 bits of entropy. If it could have produced a quintillion, that's about 60. The higher the number, the longer an attacker has to guess.

How Attacks Actually Work

Forget the movie image of someone typing guesses into a login screen. Real attacks happen **after** a database breach, against the stolen password hashes, offline, in parallel, at terrifying speed. A modern GPU rig can test:

1. ~100 billion guesses per second against fast hashes like MD5 or SHA-1 (still depressingly common)
2. ~10 billion guesses per second against unsalted SHA-256
3. ~1 million per second against bcrypt with a reasonable cost factor
4. ~1,000 per second against well-tuned Argon2id (the current best practice)

The attacker doesn't try random strings — they try every leaked password from every prior breach first, then dictionary words, then dictionary words with common substitutions (`a → @`, `o → 0`), then short combinations, *then* brute-force. A password like `Summer2024!` is in the first few million guesses. A truly random 16-character password from a 94-symbol set has ~104 bits of entropy — about 20 quintillion times more candidates than the entire combined attacker-known dictionary.

The Entropy Cheat Sheet

Rough guidance for entropy in bits:

1. < 40 bits: Weak. Crackable in days or less even against bcrypt.
2. 40–60 bits: Fair. Safe against unsalted fast hashes, borderline against modern offline attacks.
3. 60–80 bits: Strong. Centuries to crack against any current hash function.
4. 80+ bits: Excellent. Beyond any plausible attack for the foreseeable future, including from nation-state attackers with cloud-scale budgets.

For a fully random password from a mixed character pool, entropy is roughly **length × log₂(charset size)**:

| Length | lower + upper + digit (62) | + symbols (94) |
|--------|----------------------------|----------------|
| 8      | ~48 bits                   | ~52 bits       |
| 12     | ~71 bits                   | ~79 bits       |
| 16     | ~95 bits                   | ~104 bits      |
| 20     | ~119 bits                  | ~131 bits      |

That's only true if the password is *actually* random. `Aaaaaaaa` and `R7%kQ2pXz9!` are 8 and 12 characters respectively, but they have wildly different entropies.

The Source of Randomness Matters

`Math.random()` is not a cryptographic source. Neither is any function that calls it. They're deterministic pseudo-random generators designed for graphics and games, predictable enough that two browsers can produce the same sequence. Using them to generate passwords is a critical vulnerability — and far more web tools do it than admit it.

The right source is a **CSPRNG** (cryptographically secure pseudo-random number generator):

1. In the browser: `crypto.getRandomValues()`
2. In Node: `crypto.randomBytes()`
3. In Python: `secrets.token_bytes()` (not `random`)
4. In Go: `crypto/rand`

Our [password generator](/password-generator) uses `crypto.getRandomValues()` exclusively, with unbiased rejection sampling so each character has exactly equal probability (naïve `% n` mapping introduces tiny but real bias). Everything runs in your browser — open the network tab and watch.

Passwords vs Passphrases

For passwords that live in a password manager, **random character strings** are optimal — shortest possible string for the most entropy per character. 20 characters of mixed alphanumerics and symbols is overkill for almost any service and easy to autofill.

For passwords you have to **type by hand** or **read aloud** — disk encryption, master passwords, Wi-Fi codes, root passwords, password-manager master keys — random strings are miserable. A 20-character symbol soup is nearly impossible to type without errors and impossible to dictate over a phone call. **EFF-style passphrases** are the answer: 5–7 common words separated by a delimiter (`coral-cabin-anchor-pixel-fennel`). They land at 60–90 bits of entropy with the right number of words, are dramatically easier to remember, and survive phone calls and handwritten sticky notes intact.

The Pitfalls of Filters

Many systems still impose maximum lengths (12, 16, 32), forbid certain symbols, require certain symbols, or silently truncate long passwords on storage but not on login (an entire category of bugs). Our generator gives you toggles for the common requirements: minimum one character from each chosen set, exclusion of visually similar characters (`i` / `l` / `1`, `o` / `0` / `O`), exclusion of ambiguous shell-special symbols. Use them when needed, but understand each filter costs a small number of bits of entropy. At lengths of 16+, it barely matters.

Practical Recipe

1. Use a password manager as the primary defense. 1Password, Bitwarden, KeePassXC. Generate unique random passwords for every site and let the manager remember them.
2. For each site password: 20 random characters, mixed case + digits + symbols, from a CSPRNG. ~130 bits, autofilled.
3. For your password manager master key: 6–7 word passphrase from a real wordlist. ~80 bits, memorable, typeable.
4. For backup codes and seed phrases: write them down on paper, store in a secure place, never type them into any web form except the one issuing them.
5. Turn on TOTP/WebAuthn for everything that supports it. Even an excellent password is one factor; a second factor makes the rest of the password math nearly irrelevant.
6. Rotate when compromised, not on a schedule. Forced 90-day rotation produces `Summer2024!` → `Autumn2024!` patterns — known weak.

When to Regenerate

1. Any time a service you use is breached (check [haveibeenpwned.com](https://haveibeenpwned.com))
2. When sharing access ends — leaving a job, removing a contractor, changing roommates
3. After an event that may have compromised the device (suspected malware, lost laptop)
4. Never just "because it's been a while" — random passwords don't degrade

Conclusion

A strong password is a random password from a cryptographic source, long enough to put it beyond any plausible attack. Everything else — character classes, special characters, leetspeak substitutions — is theater. Use a [password generator](/password-generator) that runs locally with `crypto.getRandomValues()`, store the result in a manager, layer TOTP or WebAuthn on top, and stop spending mental energy on remembering character sequences. Spend it on the one passphrase you actually have to remember: the master key.
