Every developer has been there: you're setting up a new database, spinning up a staging environment, or configuring API keys and you need a strong random password right now. You could reach for openssl rand -base64 32 in your terminal — if you remember the flags. Or install a password manager CLI. Or just mash your keyboard and hope for the best.
The simpler option is a browser-based generator that uses crypto.getRandomValues() under the hood. Nothing leaves your machine, the entropy is cryptographically sound, and you don't have to install anything.
The Password Generator on EvvyTools does exactly this. You set your length, toggle character types (uppercase, lowercase, digits, symbols), and it generates passwords with real-time strength analysis. It shows entropy bits and estimated crack time, which is useful when you need to hit specific security policy requirements — like the NIST SP 800-63B guidelines that recommend a minimum of 8 characters but practically suggest 15+ for machine-generated credentials.
"Half the passwords I've seen in client
.envfiles would take a commodity GPU about four minutes to brute-force. A proper generator is the lowest-effort security win you can make." — Dennis Traina, 137Foundry
What I appreciate is the passphrase mode. For secrets I need to type occasionally — like SSH key passphrases — a four-word passphrase with a separator hits 70+ bits of entropy while being memorizable. The tool lets you switch between random character and passphrase modes without leaving the page.
For a completely different kind of conversion problem, the team recently published a guide on converting oven recipes to air fryer settings — same idea of using the right tool to avoid guessing.
One tip: when generating passwords for database connection strings, avoid characters that need escaping in shell contexts — specifically ', ", \, and backticks. Most generators include these by default, which creates headaches when the password ends up in a Docker environment variable or a YAML config. The EvvyTools generator lets you toggle symbols granularly, which saves a round of debugging later.
Top comments (0)