I finally stopped using random password generators after a scare

Was using whatever generator came up first in Google for years. Then my coworker Dave showed me how some free generators log the passwords. He pulled up a report from 2023 showing 12,000 leaked passwords traced back to a shady generator site. Now I only use Bitwarden's built-in generator. Anyone else check where their passwords come from?

2 comments

2 Comments

lilyt9016d ago

Oh man, this is way too real! I had a similar wakeup call last year when I checked my old password manager and found like 40 passwords that were all variations of "password123" from some random generator I used in college. My brother's a security guy and he showed me how some of those free generators actually store everything you type in plain text. I felt so dumb. Now I use the one in my browser's password manager and it feels way safer. Those shady sites are scary, glad your coworker warned you before something bad happened.

sullivan.john16d ago

Hold up, I gotta push back on this a little. Most random generators are just pulling from a list, same as your browser or password manager. The real risk is the shady sites that ask for your email before they show you a password, but the simple ones that just show a string on screen? In my experience those are harmless because they don't have any way to save or send your data anywhere. I've used the same free generator for years now and never had an issue. Your coworker's report might be real, but its probably from sites that make you sign up or click on ads. The old school generators that just spit out text with no tracking are still fine.