Maximum-security passwords with full control over length and character sets
A minimum of 16 characters is recommended for strong security. For high-security accounts, use 20+ characters. Each additional character exponentially increases the time needed to crack the password.
Yes. Including symbols alongside uppercase, lowercase, and numbers maximizes the character set from ~62 to ~95 characters, making brute-force attacks significantly harder.
Yes. KeyForge uses the Web Crypto API (crypto.getRandomValues), which provides cryptographically secure random numbers. This is the same randomness source used by TLS/SSL encryption.
Password reuse is the single biggest preventable security risk for individuals. When a service you use suffers a data breach and your password is exposed, attackers immediately test that email/password combination on hundreds of other services — this is called credential stuffing. In 2023, major credential stuffing campaigns were found to use lists of 10+ billion previously leaked credentials.
The solution isn't memorizing hundreds of strong passwords — that's impossible. It's using a password manager to store unique random passwords for every account, protected by one strong master password you do memorize. Generate a new strong password for every account, save it to your manager, and never think about it again.
Check if your email has appeared in known data breaches at HaveIBeenPwned.com (a legitimate security resource maintained by Troy Hunt, a Microsoft Regional Director). If it has, change passwords for those services immediately — and use our Strong Password Generator to generate fresh, unique replacements.