A strong password should include a mix of lower-case and upper-case letters, numbers, and special characters. However, the overall password length is even more important than the characters used, as password cracking programs will start with shorter password guesses before moving on to longer phrases. A very strong password should include all kinds of characters and be at least 12 characters long.
Why Randomness is Important
Another common vector of attack on passwords is to use common English words that many people have used before. This is called a ‘dictionary attack’, because the attackers will guess combinations of common dictionary words in an attempt to gain access. This is why the best passwords will include a random combination of characters, symbols, numbers, and words.
Password Security vs. Memorability
One tradeoff with generating a random password is that it can be too difficult to remember for everyday use. This is where using reputable password manager software can save you countless headaches, while simultaneously increasing your security.
Password vs. Passphrase Generator
Another option for generating a strong random password is to use a passphrase, or a combination of 4-6 words strung together into a mnemonic device. Because passphrases are often over 20 characters or longer, they are extremely resilient to brute force attacks. However, we recommend including at least 2-3 numbers or symbols to throw off any would-be dictionary attackers.
How Our Strong Password Generator Works
We built our password generator to follow all the best practices laid out above. You can choose to generate a truly random password of any length with the traditional generator. Or, you can use the passphrase generator to make things easier to remember. The password checker will then tell you exactly how secure your new password is.
What are Bits of Entropy?
Entropy bits refer to the unpredictability of your password. It is a measure used in information theory, and is based on the length of the password and character set used. The more bits of entropy your password or passphrase has, the harder it is for an attacker to guess.
What is the Charset Size?
The charset is simply the total number of unique characters in the password. For example, the password “abcdabcdabcdabcd” is a good length at 16 characters long, but not secure at all because the charset is only 4 characters. This is why using capital letters, numbers, and symbols is a necessary practice.