Feature
LastPass password generator
Instantly generate a secure, random password – from anywhere, on any device – with this LastPass online tool.
Tips for creating a strong password
A strong password is a unique, random password stored in a safe place. However, it isn’t easy to memorize completely random passwords. Password managers like LastPass – with their built-in customizable password generator and encrypted vaults – solve all these problems for you.
Free trial for all plans available. No credit card required.
A unique password is your first line of defense against hackers. It would take a hacker approximately 34,000 years to hack a unique 12-character password – and without that credential, the likelihood of a hacker breaching your account is near zero.
Creating a strong password is easy with the following tips:
- Make sure your passwords are at least 12 characters long and contain letters, numbers, and special characters.
- When you create a password on your own, use random characters, but don't follow easy-to-recognize patterns – e.g. “qwert” or “12345.”
- Avoid using similar passwords that change only a single word or character.
- Don’t use any personally identifiable information in your passwords – e.g. date of birth, year of marriage, name of the street you live on, name of your pet.
- When in doubt, use the LastPass password generator to create random, unique, strong passwords.
The average person has over 100 online accounts, each of which requires an email address or username and a password to create and access. It’s impossible to remember 100+ passwords on your own. Some people rely on password notebooks and sticky notes to remember their most important passwords; other people fall back on password reuse, using an easy-to-remember password for many of their online accounts. However, while convenient, the reuse of weak passwords poses a very serious risk. 85% of data breaches involve a human element. These breaches are caused by things like:
- Human error – like losing the post-it note your password was written on
- Stolen credentials – a hacker stealing a password you reuse for multiple accounts
- Phishing – a hacker gaining access to your account through an email scam
In most of these instances, a primary cause of the data breach is the reuse of weak passwords. There’s a disturbing fact, though: 92% of people know they shouldn’t reuse passwords, but 65% still do it anyway.
Using a password manager makes creating and remembering strong passwords simple. LastPass securely stores your passwords in an encrypted vault and autofills them when needed. It also includes a built-in password generator to create unique passwords for every account—so you never have to reuse passwords again.
Additional security features of LastPass include:
- Proactive protection against poor password hygiene and data breaches through the security dashboard, which will notify you of reused, weak, and compromised passwords.
- Secure sharing with other LastPass Premium and Families users to avoid risky behavior, such as sharing passwords by text message or email.
- Encrypted storage of an unlimited number of passwords and up to 1GB of files to protect your most sensitive information against hackers.
8 Common Password Mistakes
While it’s easy to use personal information for your password (it makes it simple to memorize your passwords), it makes it easier for hackers to brute-force hack your accounts. Why?
With Google, Whitepages, and social media, it’s easier than ever to find your personal information online, including:
- The names of your spouse, children, parents, or pets.
- Your favorite band, sports team, or vacation spot.
- Important dates like your birthday, anniversaries, or your child’s birthday.
- Your home address – house number, street name, town, zip code, or state.
Avoid using identifying information, as it could be tacked down by a malicious actor to compromise your personal information.
The most popular passwords use simple to remember patterns. It’s important to create random passwords to avoid falling prey to such patterns – this includes numbers, letters, symbols, and capitalization. For example, rather than a “abc123”, make a random password like “A2km?84B!eHcD3$”.
Most new devices – internet routers, smart home devices – come with a default password, often as simple as “password”. They’ll also include a warning which tells you to change the default password to something stronger once logged in.
However, many people still keep that default password. This is a significant security risk as a hacker who knows what devices you’re using in your home could easily hack them and gain access to more of your personal information and digital accounts.
Never reuse a password. While convenient, the risk isn’t worth it. If one of your accounts gets breached, others are sure to follow: first it’s your Facebook account, then your Gmail, and finally your bank account. Protect every account you create by always generating a unique, random password.
Storing your passwords in Microsoft Excel or Windows Notepad may feel convenient, but it’s a significant security risk. Your passwords are easily accessible when stored in their unencrypted, plain-text format – the most novice hacker could compromise your entire digital life in seconds.
You need to store your passwords in an encrypted password manager, which safeguards your passwords and most sensitive information so only you can access them.
If you’re not using a password manager, you may think the easiest way to share your passwords with friends and colleagues is through email, by text message, or through Slack. Doing so compromises your passwords, though. You or whoever you’re sharing your password with may have unknown malware. And even if it’s safe to do so at the time being, that password could be stolen in a future data breach.
Instead, only share your passwords through a safe method, such as through an encrypted password manager.
While “19musicman56” and “35musicman73” are different, they’re far too similar. If the first passwords were ever compromised, it wouldn’t take a hacker long to guess the second.
A strong password is one that resembles nothing like another password you’ve created or generated in the past. Use a password generator to avoid creating passwords that are essentially the same as one another. The LastPass password generator will create a truly random password every time.
If you haven’t updated an account password in years, it could be weaker than you remember. And even if your generated password is strong, there’s a chance it could be compromised in the future.
Data breaches – where users’ personal information and passwords are stolen – happen to businesses, from social media companies to eCommerce shops. If you’re unaware your password was leaked in the past, it’s continually putting the rest of your accounts at risk. A password manager like LastPass informs you of your password security around the clock, with an up-to-date security dashboard – which monitors password strength across your accounts – and dark web monitoring, which constantly scans the dark web for compromised credentials. Once notified of a weak password or potential, you can immediately take action to update your passwords and protect your personal information.
Learn more about the LastPass password generator
FAQ
How does the random password generator work?
What defines a strong password, and how does the LastPass password generator create unique, random passwords every time?
Comparison
LastPass vs built-in password managers
Learn how standalone password manager like LastPass compares to free built-on solutions.