Password Tool

Choose country, region and language

Switching language will not change or regenerate your current passwords.

Americas

Europe, Middle East & Africa

Asia & Pacific

Regional & Worldwide

60 country, region and worldwide versions · Search local and English names RTL: עברית / العربية · passwords remain LTR

12 Character Password Generator

Generate exactly 12 random characters locally, compare alphabet size and entropy assumptions, and understand when a longer password is preferable.

Generated locally · never uploaded or saved

Generated passwords

Default 10 characters · 10 passwords · uppercase + lowercase + numbers

Transparent local analysis

Randomness and character distribution

This chart summarizes the current generated batch without exposing its password text. A small sample cannot prove random-number quality.

Randomness and character distribution
Sample size0
Theoretical entropy ceiling
Uppercase0
Lowercase0
Numbers0
Symbols0
Repeated passphrase words0

The ceiling assumes the selected generator model is uniform. It is not a guarantee for a reused, human-chosen, or exposed password.

Local security workspace

Session-only generation history and export

This panel keeps only batch metadata in session storage. Password text stays in memory and is exported only if you explicitly choose it.

Warning: exported files may contain sensitive passwords. Save them only in a trusted location.

Recent local batches

Recent local batches
TimeModeCountLengthEntropy

Generate a password batch to see local metadata here.

Local security check

Password crack time estimator

See how common words, patterns, and length affect an estimated attack time.

Evaluated only in this browser. Never uploaded, logged, or saved.

Estimated time · offline fast hash (10 billion guesses/second)

Enter a password to estimate

Compare four attack scenarios
Online, rate limited (100/hour)
Online, no rate limit (10/second)
Offline, slow hash (10,000/second)
Offline, fast hash (10 billion/second)

Estimate only—not a guarantee. Actual time depends on password storage, hashing cost, attacker hardware, and whether the password is reused or exposed.

About this generator

This preset creates exactly 12 random characters with Web Crypto. Its security depends on the enabled alphabet, uniform randomness, uniqueness, and the destination’s password-storage controls.

This preset starts with characters mode and generates 10 independent results at a time. Every visible setting remains adjustable, and generated values are not sent to PwdGen.

When to use it

  • Systems that require exactly 12 characters
  • Unique account credentials
  • Testing length-specific password policies

Alphabet size, entropy, and brute-force assumptions

The theoretical entropy ceiling is calculated as H = L × log2(A), where L is the generated length and A is the number of currently permitted characters.

LengthAlphabetSearch spaceEntropy ceilingAverage at 10 billion guesses/s
1256561269.7 bits1,507 years
Example alphabetEntropy ceilingAverage at 10 billion guesses/s
62 letters and digits71.5 bits5,112 years
82 allowed characters76.3 bits146,431 years

Important: these are mathematical estimates for uniformly random values. Required positions, restricted counts, repeated passwords, dictionary patterns, leaked credentials, and real password-hashing costs can change the result substantially. The figure is not a security guarantee.

Why this length or rule matters

An exact 12-character preset is useful when a system publishes a fixed length or when teams need to test a length-specific policy. Longer, uniformly random credentials provide more guessing resistance when the destination accepts them.

Common applications

  • Systems that require exactly 12 characters
  • Unique account credentials
  • Testing length-specific password policies

How to use the result safely

  1. Confirm the destination accepts 12 characters
  2. Keep multiple character types enabled when the policy permits
  3. Save the result in a password manager
Important limitation: A long password is still unsafe if it is reused or exposed.

Generation and privacy method

The preset uses the browser Web Crypto API for random selection. Regenerating, changing settings, selecting, and copying results do not send generated credentials to PwdGen. The password crack-time estimator also runs locally and is an estimate, not a guarantee.

12 Character Password Generator FAQ

Is a 12-character password secure?

A uniformly random 12-character password can be strong, but 15–16 or more characters should be preferred when the destination permits them. Reuse and predictable patterns can defeat the benefit of length.

How long does it take to crack a 12-character password?

It depends on the permitted alphabet, randomness, password storage, and attack rate. This page shows a theoretical average for uniformly random values at 10 billion guesses per second, not a guarantee.

Are symbols better than adding more characters?

Symbols enlarge the alphabet, but adding unpredictable length is often easier and can add more search space. Follow the destination policy and use the longest accepted result.