faq

How Does the Random Password Generator Work?

A unique, complex password is your first line of defense against hackers. But what defines a strong password, and why is it more effective?

Why do I need a complex password?

To you, your passwords are the keys to your accounts. To hackers and other bad actors, your passwords are a gateway to your digital life, including your sensitive personal information, money, and undisclosed business data. Even the hack of “unimportant” information could cause your other accounts or private life to be compromised.

Hackers exploit cybersecurity weaknesses through social engineering, machine learning, and processing power. Typical weaknesses include:

  • Including personal information in passwords
    Any type of personal data, like your street address, anniversaries, or pets’ names, can be used against you. Hackers find this information through channels like social media, open sources, and more.
  • Common phrases and strings
    Hackers use databases of password vocabularies, breached archives, and system defaults to attack popular passwords like “root,” “mypassword,” or “admin12345”. Moreover, simple number and character combinations are the simplest way to commit brute-force hacks.
  • Password reuse across several accounts
    Even the strongest password becomes weak once compromised. Hackers scan the network for matches to hack the rest of the accounts reusing the compromised password.

To protect your data, you must use a different complex password for every account you create.

What makes a password strong?

A strong, secure password is one that isn’t easy to guess. Every password you create should be both unique and random, and they should never be reused. Best practice is to create a password which is over 12 characters long and includes a combination of symbols, numbers, and upper- and lowercase letters.

It can be difficult to create a truly unique, random password on your own – and it’s even harder to memorize them. A password generator makes the process easy, though. Set the parameters and let the LastPass generate, save, and memorize secure passwords for all your accounts.


Why a password generator is the best way to create secure passwords

The LastPass password generator removes the stress of generating secure passwords for all your accounts by doing it for you.

It’s completely random

There’s no human factor with the LastPass password generator. Users or admins can set password generation requirements – password character length, characters used, whether it’s easy to read – and let LastPass handle the rest. Best of all, you can seamlessly generate passwords right from within the LastPass app or browser extension.

Generating a completely random password with numbers, symbols, and uppercase and lowercase letters has never been simpler.

illustration8colarticlepassgen21svg

It’s part of your password management solution

When you create a password from the LastPass app or browser extension, it’s saved directly to your password vault, making creating new online accounts a breeze.

Whenever you need that password again, LastPass will autofill it for you, no matter your device or browser. With LastPass, you can simply and securely access your passwords from anywhere.

Furthermore, its security dashboard and 24/7 dark web monitoring keep you informed of your password habits, notifying you of weak passwords and potential breaches so you can immediately update your passwords.

Your passwords are always protected with LastPass from generation to storage to access.

illustrationhalfscreennewautofillcardaddress2svg

It’s encrypted and secure

LastPass is committed to protecting users’ data. Passwords are only ever accessible on a user’s device thanks to device-level encryption, and our data encryption model ensures no one can see a user’s passwords but themselves. Any password generated and saved is safely stored away and never known to anyone but the user who generated it.

img_illustration_visual_business_half-screen_passwordless-biometrics_1-svg


Is the LastPass password generator safe?

Yes. The LastPass password generator creates random, secure passwords based on the parameters set by and admin or you, the user. Every password generated is tested against the industry-standard zxcvbn library – a password strength estimator influenced by password hackers – to determine the strength of the generated password.

Once you have saved the generated password to your password vault, it is automatically stored and encrypted so only you have access to it.


Frequently asked questions

What is a Master Password?

LastPass users have a Master Password which allows them to decrypt their encrypted password vault. When you enter your Master Password, it is applied to a cryptographic function that creates a key that encrypts (or decrypts) your vault, providing access to your saved credentials.

It’s a part of the zero-knowledge encryption model LastPass is built on, meaning the only person who uses and knows your Master Password is you – LastPass never stores it. Moreover, LastPass never has access to your unencrypted vault or the passwords stored inside it.

How do I create a complex password that’s easy to remember?

A complex password is a password that’s a minimum of 12 characters in length and is comprised of a variety of numbers, symbols, and upper- and lowercase letters. It should also avoid using identifying information – personal information a hacker could find from a Google search or scouring your social media accounts – and whole words.

Creating a memorable, strong password can be difficult. And if it’s a password you need to remember, like your LastPass Master Passwords, you want to make sure it’s both uncrackable and easy to memorize. A good rule of thumb is to use a mnemonic device or an acronym, one that includes symbols and numbers.

For instance, say The Beatles’ “Hey Jude” is your favorite song. Make a password out of the first letter of the lyrics, alternating lowercase and uppercase letters.

So “Hey Jude, don’t make it bad. Take a sad song and make it better” becomes: hJdMiBtASs&MiB

Now just add in some other symbols and numbers, ones that you’ll be able to remember – such as the year the song was released (1968). So your password becomes: $1hJd9MiB6tAS8s&MiB!

This is a memorable password that’s incredibly strong – it’s over 16 characters long, has a mix of letter casing, and uses various numbers and symbols.

For any passwords beside your Master Password, rely on the LastPass password generator to create a unique, strong password for you. Then save it to your vault and LastPass will autofill it the next time you need it.

What password cannot be hacked?

Unbreakable passwords are at least 12 characters long, mix upper- and lowercase letters, have numbers, and use several symbols.

A good example of a strong, random password is: P03$cEw^b7gH@uY!2

Most of all, you should never reuse your password. Because even if a password is strong, it can be cracked if it’s reused for multiple accounts. If one of your accounts gets hacked – say, your Facebook password gets leaked due to a breach of Facebook itself – any other accounts that use that password are at risk of getting hacked.

You should always generate a unique, strong password for every account you already have or create. The LastPass password generator makes that an easy task.

Can I use the password generator to create a username?

Technically you can; however, it’s recommended you use the LastPass username generator tool.

Our username generator tool will not include any numbers or symbols, which some websites do not allow in their usernames. In combination, you can use the username generator tool to create a random username and truly secure the account you’re creating by using the password generator tool to generate a strong password.

Learn more about the LastPass Password Generator

Create, manage, and store strong passwords with LastPass

Try LastPass Premium free for 30 days. No credit card required.