🔐

Generate Password

Generate cryptographically secure random passwords with customizable character sets.

GET 1 credit /v1/auth/generate-password

curl "https://auth.toolkitapi.io/v1/auth/generate-password?length=24&symbols=true&count=3" \
  -H "Authorization: Bearer YOUR_API_KEY"

import httpx

resp = httpx.get(
    "https://auth.toolkitapi.io/v1/auth/generate-password?length=24&symbols=true&count=3",
)
print(resp.json())

const resp = await fetch("https://auth.toolkitapi.io/v1/auth/generate-password?length=24&symbols=true&count=3", {
});
const data = await resp.json();
console.log(data);

# See curl example

Response 200 OK

{
  "passwords": [
    "k9#Gm$xR2pLw@nH7jY4qZs!v",
    "B5&tN8cFe@3wXy!mQ7rJ2hKp",
    "W6#dA9sP4gRx!mL8nZ3vY@jT"
  ],
  "entropy_bits": 149.86
}

Try It Live

Description

Generate cryptographically secure random passwords with customizable character sets.

How to Use

1

1. Set `length` for the desired password length (8–128, default: 20).

2

2. Toggle character set options: `uppercase`, `lowercase`, `digits`, `symbols` (all default to `true`).

3

3. Set `count` to generate multiple passwords at once (1–50, default: 1).

4

4. Send a GET request and use the passwords from the response.

About This Tool

The Generate Password endpoint creates one or more cryptographically secure random passwords using Python's `secrets` module. You can customize the length, included character sets, and number of passwords generated in a single call.

The endpoint calculates entropy per password based on the character set size and length, so you can verify that generated passwords meet your security requirements. A 20-character password with the full character set provides approximately 131 bits of entropy.

The `exclude_ambiguous` option removes visually similar characters (0/O, 1/l/I) — useful for passwords that might be read aloud or typed from a printout.

Why Use This Tool

User onboarding — Generate initial passwords for new accounts
Password reset — Create temporary passwords for reset flows
Service account credentials — Generate strong passwords for automated systems
Bulk generation — Create multiple passwords at once for team provisioning
Password managers — Power the generation feature in password management tools
Development/testing — Generate test passwords with specific characteristics

Frequently Asked Questions

What length should I use?

20 characters (the default) provides excellent security. For high-security contexts, use 32 or longer. The minimum of 8 is suitable only when combined with rate limiting and account lockout.

How is entropy calculated?

Entropy = length × log₂(charset_size). With all character sets enabled (26 upper + 26 lower + 10 digits + 27 symbols = 89 chars), a 20-character password has ~129 bits of entropy.

What characters are considered "ambiguous"?

The characters `0`, `O`, `1`, `l`, and `I` are excluded when `exclude_ambiguous` is `true`. These look similar in many fonts, causing confusion when passwords are communicated verbally or on paper.

Are the passwords truly random?

Yes. Each character is selected independently using `secrets.choice()`, which is backed by the OS cryptographic random number generator (CSPRNG).

Start using Generate Password now

Get your free API key and make your first request in under a minute.

Get Free API Key View Docs