20 Character Password Generator

Generate a 20-character secure random password locally for high-value accounts, password managers, WiFi, and work logins.

Generated locally · never uploaded or saved

Generated passwords

Default 10 characters · 10 passwords · uppercase + lowercase + numbers

Transparent local analysis

Randomness and character distribution

This chart summarizes the current generated batch without exposing its password text. A small sample cannot prove random-number quality.

Randomness and character distribution
Sample size	0
Theoretical entropy ceiling	—
Uppercase	0
Lowercase	0
Numbers	0
Symbols	0
Repeated passphrase words	0

The ceiling assumes the selected generator model is uniform. It is not a guarantee for a reused, human-chosen, or exposed password.

Local security workspace

Session-only generation history and export

This panel keeps only batch metadata in session storage. Password text stays in memory and is exported only if you explicitly choose it.

Warning: exported files may contain sensitive passwords. Save them only in a trusted location.

Recent local batches

Recent local batches
Time	Mode	Count	Length	Entropy

Generate a password batch to see local metadata here.

Local security check

Password crack time estimator

See how common words, patterns, and length affect an estimated attack time.

Password to evaluate

Evaluated only in this browser. Never uploaded, logged, or saved.

Estimated time · offline fast hash (10 billion guesses/second)

Enter a password to estimate

Compare four attack scenarios

Online, rate limited (100/hour): —
Online, no rate limit (10/second): —
Offline, slow hash (10,000/second): —
Offline, fast hash (10 billion/second): —

Estimate only—not a guarantee. Actual time depends on password storage, hashing cost, attacker hardware, and whether the password is reused or exposed.

About this generator

This 20-character preset gives additional margin over common minimums while staying practical to store in a password manager.

This preset starts with characters mode and generates 10 independent results at a time. Every visible setting remains adjustable, and generated values are not sent to PwdGen.

When to use it

Email and work accounts
WiFi passwords
Accounts protected by a password manager

Alphabet size, entropy, and brute-force assumptions

The theoretical entropy ceiling is calculated as H = L × log2(A), where L is the generated length and A is the number of currently permitted characters.

Length	Alphabet	Search space	Entropy ceiling	Average at 10 billion guesses/s
20	68	68²⁰	121.7 bits	7.08e18 years

Important: these are mathematical estimates for uniformly random values. Required positions, restricted counts, repeated passwords, dictionary patterns, leaked credentials, and real password-hashing costs can change the result substantially. The figure is not a security guarantee.

Why this length or rule matters

An exact 20-character preset is useful when a system publishes a fixed length or when teams need to test a length-specific policy. Longer, uniformly random credentials provide more guessing resistance when the destination accepts them.

Common applications

Email and work accounts
WiFi passwords
Accounts protected by a password manager

How to use the result safely

Prefer 20 or more characters for important accounts
Keep every result unique
Enable MFA or passkeys where available

Important limitation: Some legacy systems may reject long passwords or symbols. If that happens, follow the destination policy and avoid reuse.

Generation and privacy method

The preset uses the browser Web Crypto API for random selection. Regenerating, changing settings, selecting, and copying results do not send generated credentials to PwdGen. The password crack-time estimator also runs locally and is an estimate, not a guarantee.