Secure password generator — NIST SP 800-63B compliant
Generate strong passwords following NIST SP 800-63B guidelines. 15-character minimum, 100% local, nothing sent to any server. Free tool.
Password Generator
Customize length and character sets to generate secure passwords instantly.
NIST SP 800-63B defines the modern standard for password security. Unlike older rules that enforced mandatory special characters or regular expiration, NIST now prioritizes length and real entropy. A randomly generated password of 15 characters or more is statistically stronger than a short password with arbitrary composition rules.
This generator follows those principles: 15-character minimum, configurable charset including spaces, and generation via crypto.getRandomValues — your browser's native cryptographic API, with no network requests.
Frequently asked questions
- What is NIST SP 800-63B?
- It is the standard published by the National Institute of Standards and Technology covering digital authentication best practices. Its latest revision moves away from arbitrary composition rules in favor of length and entropy.
- Why a 15-character minimum?
- NIST recommends a minimum of 15 characters for machine-generated passwords. Length is the single most effective factor against brute-force attacks.
- Are my passwords sent anywhere?
- No. Generation is entirely local via crypto.getRandomValues. No data leaves your browser.