BORDERSTONE

Strong passwords

This tool uses the crypto object of your web browser to generate random numbers, and from that randomly generate strings which make very strong passwords, the longer the better. All passwords are generated locally (i.e: on your computer) so they are never sent over the internet.

Strong passwords contain a high amount of entropy. This is difficult to measure, but essentially a password becomes stronger the more unique characters it contains and the longer it is. For example, a password with 64 characters generated using the default properties on this page would take approximately 1.3*10171 years to guess through brute force against a weak web service (assuming a 10 millisecond reponse time from the server, 100% uptime and no request limits). That is several billion times longer than the universe has existed

Never reuse passwords across multiple services, since this essentially means that an attacker can gain access to multiple accounts by cracking a single password.

Use encryption

Whenever possible, use an encrypted connection when submitting your password, since it can be sniffed from your network traffic relatively easily otherwise. Most web browsers will tell you if your connection is encrypted. Also avoid public WiFi for the same reason. Use an encrypted VPN if you are traveling or have to use an unprotected connection.

Avoid social engineering

Social engineering is when an attacker manipulates users to divulge sensitive information. Allways make sure when you are entering you password that the page or application where you are entering it truely belongs to the people who they say they are (for websites, you can check the URL in the address-bar). Never give anyone your password unless you are absolutely certain that they should have it.

Generator

Password length:

Source characters:

Generated password: