—密码生成已完成?不妨试试这些
与密码生成器搭配使用的精选工具。继续编辑,不丢失你的文件。
哈希生成器
使用浏览器的 Web Crypto API 计算任意文本或文件的 SHA-1、SHA-256、SHA-384 和 SHA-512 十六进制摘要。
立即试用PDF 密码
Lock a PDF with an AES-128 password, or remove a password from a PDF you can already open. Free, no signup; your file is processed securely on our server and deleted automatically afterward.
立即试用JWT 解码器
解码 JSON Web Token,查看头部和载荷、检查过期时间。仅在本地运行——你的令牌绝不会离开浏览器。
立即试用Base64 编码器 / 解码器
将任意文本或文件编码为 Base64(含 URL 安全变体),或将 Base64 解码还原为文本。UTF-8 安全。
立即试用URL 编码器 / 解码器
对 URL 组成部分或整个 URL 进行百分号编码,并可解码还原。支持 encodeURIComponent 与 encodeURI 两种模式。
立即试用QR 码生成器
用文本、URL、WiFi、UPI、电话号码或电子邮件生成 QR 码。永不过期的静态 QR 码——无需注册、无需订阅、无水印。
立即试用Frequently Asked Questions
每个字符都取自 window.crypto.getRandomValues——浏览器的加密级安全随机源,与生成 TLS 会话密钥所用的是同一个。它远强于 Math.random,达到了密码管理器和安全审计所要求的熵值水平。
technical对于大多数账户,包含大写、小写、数字和符号的 16 位密码可轻松超过 80 比特熵,足以抵御离线破解。密码库主密码和 root 凭据则适合使用 24 位以上;一次性临时账户可以更短。
tips强度的估算公式为:长度 × log₂(字符池大小),以比特表示。在可预见的未来,约 80 比特以上即可视为足以抵御离线暴力破解。去掉某些字符类别会缩小字符池,相应地比特数也会下降。
technical理论上会,但对于任何合理长度的密码,这一概率都微乎其微。一个 16 位的混合字符密码大约有 10^31 种可能值——意外碰撞的概率远低于硬件故障的概率。
privacy当密码需要手写抄录或通过电话口述时,启用「排除相似字符」(i、l、1、L、o、0、O)以避免混淆。当密码需要干净地粘贴到终端或 shell 脚本中时,启用「排除易混淆字符」({} [] () /\ '"`,;:.)。
features不会。生成过程完全在你的设备上进行,最近生成的密码仅驻留在内存中,直到你重新加载标签页。不会通过网络发送、不会记录、也不会缓存任何内容。
privacy可以。开启「排除相似字符」可去掉在屏幕上或电话中容易混淆的字符(i、l、1、L、o、0、O),开启「排除易混淆字符」可去掉那些不便输入的括号、斜杠和引号。然后把长度多增加几位,以保持你想要的熵值。
tipsSwitch the mode toggle from 'Random characters' to 'Passphrase (words)' — the generator then builds a password from several random dictionary words (EFF Diceware wordlist) instead of scrambled characters, which is easier to remember and type but still cryptographically strong.
usageThe default of 6 words gives roughly 77 bits of entropy, the EFF-recommended minimum for a strong passphrase. Drag the Words slider higher (up to the maximum) for a master password protecting a password manager or crypto wallet, or lower for a passphrase you'll type frequently on a low-risk account.
tipsYes. The Separator dropdown lets you pick a hyphen, dot, underscore, space, or no separator at all. A hyphen or dot is usually easiest to type accurately on both desktop and mobile keyboards, while some login forms reject spaces in passwords.
featuresTurn on 'Capitalize each word' if a site requires an uppercase character, and 'Append a number' if it requires a digit — many login forms enforce these composition rules even for long passphrases. Both options add negligible extra memorization effort while satisfying stricter password policies.
tipsUse Passphrase mode with 7-8 words, a hyphen or dot separator for easy retyping, capitalize each word on, and append a number on — this comfortably clears 90+ bits of entropy while staying far easier to memorize and type accurately than an equivalent-strength random-character password.
tipsThe Length slider in Random characters mode runs from 8 up to 128 characters, matching the 'up to 128 characters' promise in the tool's title. For most logins 16-20 characters is plenty; push toward 128 only for systems that specifically call for an extremely long secret, like certain API tokens or hardware security modules.
technicalThe Words slider in Passphrase mode ranges from 3 words (shorter, lower entropy) to 12 words (extremely high entropy, well over 150 bits). The default of 6 words balances memorability with the EFF-recommended ~77-bit minimum for a strong passphrase.
technicalThe Regenerate button disables and the password field clears, with a hint reading 'Pick at least one character class to enable generation.' At least one of Uppercase, Lowercase, Numbers or Symbols must stay checked, since the generator needs a character pool to draw from.
usageHow Password Generator helps you get it done
Real problems it solves every day — for businesses, creators, and everyday tasks. Find the use case that fits you and start in seconds.
密码库与密码管理器的主密码
为 1Password、Bitwarden、KeePass 和 LastPass 生成高强度、高熵值的主密码,可抵御数十年的离线暴力破解攻击
随机 Wi-Fi 与热点密码
为家用路由器、办公室访客网络和临时活动热点生成既好记又安全的 Wi-Fi 密码,再也不用「password123」凑数
安全保管服务器、SSH 与数据库凭据
在搭建新的预发布和生产服务器时,为 Linux 用户账户、MySQL/Postgres 角色和 SSH 密钥口令配置强密码
新建邮箱与社交媒体账户
为每个新的 Gmail、Outlook、Instagram 和 Twitter 账户生成独一无二的密码,这样某个服务一旦泄露也不会殃及其他账户
批量客户与员工入职
为新员工账户、客户门户登录和批量 SaaS 开通流程生成一次性临时密码,并强制在首次使用时重置
加密密钥与备份口令
生成不含易混淆字符的长密码短语,用于保护 VeraCrypt 加密卷、加密备份、BitLocker 驱动器和离线加密钱包助记词
Passphrases You Can Actually Type on a TV Remote
Switch to Passphrase mode for smart TV, game console and streaming-box logins where an on-screen keyboard makes a random 20-character password painful — a hyphen-separated, capitalized word passphrase stays strong but is far faster to enter.
One-Off Handoff Credentials for Clients & Contractors
Generate a fresh, high-entropy password when handing a CMS, hosting or FTP account over to a client or contractor at project close — turn on Exclude ambiguous so the password pastes cleanly into any config file or terminal.
Lock Down Gaming Accounts Against Credential Stuffing
Give every Steam, Riot, Battle.net and Epic account its own 16+ character random password instead of reusing one across platforms — the character-class checkboxes let you match whatever composition rules each launcher enforces.
Passwords That Read Back Cleanly on Paper
For a password you'll write on a physical backup sheet or read aloud over the phone, turn on Exclude similar to drop the i/l/1/L/o/0/O characters that get misread or mistyped when transcribed by hand.
Rotating Passwords for Regulated Teams
Meet HIPAA, PCI or SOC 2 password-rotation requirements by generating a fresh 20+ character password with all four character classes enabled every cycle, keeping entropy well above audit minimums without reusing patterns.
Router & Smart-Home Device Admin Passwords
Generate a maximum-length random password with all four character classes on for a home router, NAS or smart-lock admin account you'll rarely type by hand but that needs to resist automated credential-stuffing attacks from the internet.
Pixoate