What Makes a Strong Password
Internet and system security have improved over the years: HTTPS, two-way authentication, and so on. Still, a weak password can compromise a carefully designed security process.
Here are a few points for creating a strong password:
- Make your password 15 to 20 characters long;
Many people create passwords shorter than 8 characters, which are easy to remember and to key in;
And easy to break;
So keep it more than 15 characters;
- Include numbers, upper case, lower case, and punctuation;
A password with all these character types spread evenly makes it impractical for any password-cracking tool to find the correct combination;
Imagine the power of math with all the possible combinations of the characters (selected randomly);
- Do not use any existing words;
Many password-cracking tools depend on a dictionary to guess passwords;
Do not use names either;
- Do not use simple replacements;
For example, P@s5w0rd seems to be a complicated random password;
But it is not. Many password-guessing tools will hit it easily;
Avoid such simple replacements;
Hash Password with Salt
Applications do not store passwords in clear text. Any professional system developer knows this.
Stored passwords are normally hashed, and a hash cannot be decrypted.
A hash function generates a text string for a given text value, in one direction only.
That means that if you give it the string value "googleYahooBing", the result will always be "b3f80137e981472e27170192617d55ac".
Thus, when you log into a system, the system hashes your input and compares the hashed values. If the hashed values match, your password is correct and the login proceeds.
In this case, even if someone manages to get the stored password value (the hashed value), they still cannot get the original password text.
But, is this safe?
NO. The answer is clear. Attackers can always generate random passwords, hash each generated password, and compare the hash values; a match means they have your password. Using that password, they may be able to authenticate against other systems (if you happen to use the same password, which is very common ... I won't create one password for each system I log into).
To avoid this kind of situation, the best way is to add a "SALT" to each password before hashing it.
Say we take the same password, "googleYahooBing". For a system we build, we set the salt to "LyCoS" (this salt can be hard-coded, or randomly generated and stored in tables). Then, before hashing, the password becomes "googleYahooBingLyCoS". Hashing it gives "73ac159e98b8338667437f7b1e748130".
Now, even if someone manages to crack this system and get this password, the exposure is limited to this system only.
Disclaimer:
The passwords are generated in the browser on the user's PC.
No passwords are transmitted to our servers or networks.
You use the passwords generated by this page at your own risk. We do not offer any support or warranty.