CDRN

Generate a secure password

  • Dashboard
  • Documentation
  • API
generate strong random passwords (CSPRNG) from 4 to 1024 characters, with fine-grained control over character classes: uppercase, lowercase, digits and symbols

Why generate secure passwords?

Generating secure passwords is essential to protect online accounts and sensitive data from attacks. Strong, unique passwords for each account reduce the risk of compromise in case of a data leak or brute-force attacks. Using a password generator helps you create complex passwords that are hard to guess.

Characteristics of generated passwords

This password generator lets you create custom passwords to your needs. You can set the password length, as well as the character types to include: uppercase, lowercase, digits and special characters.

How to generate passwords

On the generation page, you can specify your password criteria, such as the length and character types to include. Once the criteria are set, click the button to generate one or more passwords.

As soon as a password is generated, it will be displayed in a result area. You can easily copy the password(s) with the dedicated copy button.

Example of a generated password

Here is an example of a password generated with a length of 12 characters, including uppercase, lowercase, digits and special characters: 


A7f!k3B#d8E2

Frequently asked questions

What password length should I pick?

In 2026, common recommendations (ANSSI, NIST, OWASP) hover around 12 characters minimum for a standard account, and 16 characters or more for a sensitive account (administrator, vault, primary mailbox). With a full alphabet of 94 printable characters, a 12-character password already reaches about 78 bits of entropy, which resists offline brute-force attack on consumer-grade hardware.

Length or complexity: which matters most?

Length wins by far. Doubling a password's length multiplies its search space by a huge factor, whereas adding a character class only widens the alphabet. A 20-character passphrase in lowercase is stronger than an 8-character word with uppercase, digits and symbols. Go for long passwords before trying to make them exotic.

What is password entropy?

Entropy measures the unpredictability of the password, expressed in bits. For a truly random password of length L drawn from an alphabet of N characters, the entropy is L × log2(N). A 12-character password drawn at random from 94 symbols offers about 78 bits. Below 60 bits, the password is considered attackable offline. Above 80 bits, it becomes practically out of reach.

Is the generated password transmitted or stored on the server?

No. Generation runs in your browser using crypto.getRandomValues(), the cryptographically secure API exposed by modern browsers. No password is sent to the server, logged, or cached. You can use the tool offline after the initial page load, which makes it a safe tool to generate sensitive secrets.

Should passwords be changed regularly?

Recommendations have evolved. NIST and ANSSI now advise against regular automatic rotation without a reason: it pushes users to pick weak variants. Only change a password if you suspect a compromise, if it appears in a leak (test on Have I Been Pwned), or if it is shared with someone who no longer has access. Prefer long, unique-per-site passwords, stored in a manager.

Why avoid passwords built from a dictionary word?

Modern attacks do not test combinations one by one, they start from huge dictionaries (words, first names, dates, substitution patterns like @ for a) then apply mutation rules. Password123! falls in seconds. Prefer a truly random password generated by a tool like this one, or a passphrase made of several independent words drawn at random (diceware method).

Example request

curl -X POST https://cdrn.fr/api/v1/tools/password-generator/execute \
  -H "Content-Type: application/json" \
  -d '{"length":32,"uaz":true,"laz":true,"09":true,"symbol":true,"quantity":1}'

Input schema

Field Type Required Default
length integer 32
uaz boolean true
laz boolean true
09 boolean true
symbol boolean true
quantity integer 1

Endpoints

  • GET https://cdrn.fr/api/v1/tools - lists every available tool
  • GET https://cdrn.fr/api/v1/tools/password-generator - returns the schema for this tool
  • POST https://cdrn.fr/api/v1/tools/password-generator/execute - runs this tool with a JSON payload