Password Strength:

Secure Password Generator

Please use a password manager such as 1Password (Paid) , LastPass (Free/Paid) , Bitwarden (Free/Paid) , KeePass (Free) to securely store and remember generated passwords. Alternatively you can save as text file or print using the buttons below which will appear after password generation.

Password Report

See detailed information about the password below.

Password Plaintext


Password Strength


SHA256 Hash


MD5 Hash


SHA1 Hash


SHA224 Hash


SHA384 Hash


SHA512 Hash






SHA3_224 Hash


SHA3_256 Hash


SHA3_384 Hash


SHA3_512 Hash


Password Characters
Lowercase Characters -
Uppercase Characters -
Symbol Characters -
Number Characters -
Password Layout


    Generate Properties



    ( Click Here To Use Recommended Settings )

    Use the slider and checkboxes to define the preferences of your password then click 'generate'.



    Click here to Specify minimum character per type (Show)

    What is this Tool?

    This tool let your generate secure passwords that are uncrackable using typical methods. You have the option to create 8 - 128 Character passwords with lowercase characters, uppercase characters, symbols and numbers.

    Each password generated is converted to a MD5 and SHA256 hash and attempted to be reversed from hash value to plaintext using online rainbow tables from various sources. If the random password was reversed successfully, than the generated password is disgarded and a new password is generated and put through the same process. Once the algorithm generates a password that cannot be reversed to plaintext, it is shown to the user.

    How does this tool keep me safe?

    When you register to an online service, your password is not actually sent and stored on the website as the password you typed, however instead as a value created by running your password through an algorithm. When you then want to login to an online service, your password is put through this algorithm and compared against the value in the database and if they match, then the password is the same and therefore you are able to login.

    This is called hashing and is used to protect users in the event of a databreach as hackers don't then get the password that you typed into the website. These Hashing algorithms are designed to be one-way, and therefore irreversable- although hackers have still found ways to reverse passwords using Rainbow Tables and Dictionary Attacks which compare your hashes to attackers generated hashes in the attempt to create the same hash and therefore uncover your password.

    This tool keeps you safe because it creates passwords that have not been un-hashed before and therefore prevents attackers using typical and fast methods from finding out your password.

    Real life Example.

    Lets say we have two passwords 'aaron431' which has been created by someone and '8ddpdng9' which has been created by this generator. From the outside you may think that both passwords are safe, although 'aaron431' is actually extremely worse. Lets see why.

    1. We hash both values using sha256
      aaron431 = 37a199c360ae9f91285e88bdded7f041025a0954f5984891d280e2419b176dd4
      8ddpdng9 = ea47ff2b39a8880d902d1f7cbb672f321a081cd402646080e48c3e604d236396
    2. An attacker compromises a database using one of many methods and is able to obtain our hash value
      Phishing, SQL Injection, Brute Force, Insider Threat, Malware
    3. Attacker attempts to find password from hashes
      An attacker grabs a list of the most common passwords from 2018 - 2020 and creates a hashes for each password on the list for them to then compare against each hashed password from the database.
    4. Attacker is able to get one of the passwords!!
      As 'aaron431' is the 18th most used password within 2018 and the attacker has created a hash value for it, he was able to find the text value for the hash and therefore determine the password was 'aaron431'. Although, as '8ddpdng9' was randomly generated, is not a popular password, and does contains words, it's almost imposible that the attacker will be able to reverse this hash and find the text value of the password. Even if the attacker looks on the internet he is very unlikely to find the plaintext of this password as this generator has already scraped the internet for the text value of this password and it was unable to find it.

    ( Video Credit of Seeker )


    At a glance.

    Works everywhere

    Built using HTML5 and bootstrap to offer availability on a range of platforms that have compatible web browsers.  


    We do not collect any personal or identifiable information from you. There is no logging or processing of any your data.

    Hash Comparison

    Before a password is generated, it is hashed and compared within databases of leaked hashes to ensure the password secure.

    Free to use

    There is no fee or subscription for this service. Creation has been made to better the community. 

    Built upon 'S-T-H'

    Search that Hash (STH) is an open-source project for searching hashes online.

    Easy to use

    Create simple and advanced passwords in seconds using your own pre-determined preferences.