Why make a password pronounceable?

Alternating consonants and vowels form syllables your brain reads as fake words, which are far easier to type accurately and to read aloud over the phone than random character soup. The trade-off is a smaller character space per position, which you offset with extra length.

Are pronounceable passwords still secure?

They are weaker per character than fully random strings, because each syllable draws from a limited set of consonants and vowels. To stay strong, use several syllables, add digits and capitals, and treat the displayed entropy estimate as your guide.

Is the randomness cryptographically secure?

Yes. Every consonant, vowel, digit, and capitalisation choice uses crypto.getRandomValues with rejection sampling, the browser's secure random source, never the predictable Math.random.

How much entropy does each syllable add?

A consonant-vowel syllable draws one of about twenty consonants and one of five or six vowels, giving roughly seven bits per syllable. Six syllables yield around forty-plus bits before digits and capitals, so longer is meaningfully stronger.

Is anything sent to a server?

No. The password is built entirely in your browser and never transmitted or stored. It exists only on screen until you copy it.

Pronounceable Password Generator

A pronounceable password trades a little raw randomness for a lot of usability. Instead of an unreadable jumble like xK9#qZ!2, it produces fake-word strings like tuvabo-ke that your eyes and fingers handle far more reliably — useful when a password must occasionally be typed by hand or read aloud. This generator builds them from alternating consonant-vowel syllables using the Web Crypto API, with optional digits and capitals so the result still satisfies common policies. Everything runs in your browser.

How it works

The generator assembles syllables and then decorates them to meet policy needs:

For each syllable, pick a random consonant then a random vowel from curated sets (the consonant set drops awkward letters like q and x to keep syllables sayable).
Repeat for the number of syllables you choose, concatenating them into a fake word.
Optionally append digits and capitalise a random subset of letters to satisfy rules that demand numbers and uppercase.

Every choice — which consonant, which vowel, which letters to capitalise, which digits to append — uses crypto.getRandomValues with rejection sampling so the selection is unbiased and unpredictable. The tool shows an entropy estimate so you can judge strength honestly.

Strength and trade-offs

Each consonant-vowel syllable adds roughly seven bits of entropy. That is less than a fully random character, so compensate with more syllables.
Adding digits and capitals both increases entropy and helps pass policies that require them.
For a high-value account, prefer either many syllables here or a fully random password from the standard generator. Pronounceability is about convenience, not maximum strength.

No password generated here leaves your browser — it is created locally and held only until you copy it.