Create strong passwords in Windows

You know the use of strong and unique passwords is important. Not-so-secure passwords are easily cracked and we read about account takeovers all the time. In this post I show you a couple of methods of creating more secure passwords and random passwords in Windows. Where possible with PowerShell of course. Save these passwords in a password manager (I recommend Bitwarden) for easy usage.

PowerShell function

In my GitHub Gist I have a PowerShell function to "easily create a random string (or secure password) using PowerShell" you can use and add to your PowerShell Profile for easy usage. For example:

PS C:\Users\JanR> Get-RandomString 20
F4!jFy"6A50Im$mAmOOz

There is even an SQLCompliant command argument to filter out some characters you cannot use in an SQL Server Login password.

PS C:\Users\JanR> Get-RandomString 20 SQLCompliant
xIhv433dfFo1JcAp4Y2X

Generate 'n' passwords at once

If you need to create 10 passwords, just use a PowerShell loop:

PS C:\Users\JanR> 1..10 | % { Get-RandomString 20 SQLCompliant }
TTFoxZ87txhnbmIU9q5A
R4vWWvwgfP0qIt4XYu9o
s!f%CdUvlCI$zQrCFqSc
1TPCtleGZwHA0wesEGTg
eETPS96UevEjT6SQkKRP
vrPkAeR7Eb$3yN5zn42o
U#qpiEKi3CzdqM9EtHiG
pBmcscaeYIWl9I3BQqm!
xJu2c4vnef5MD1$XsgtE
$JbHI2i!eUTIlW9jlt4g

Or

PS C:\Users\JanR> $numb = 10; for ($i=1; $i -le $numb; $i++) { Get-RandomString 20 SQLCompliant }
PjYqmpDXNaWeuAOcGibl
pl1!d025Lj0z46l8dgGa
d2Yh3rh4Kzw%Op57pHm4
JC6qq8RkWagTa5UJEadG
swOxlUJNUSXHoZ6B#L6P
6cVVuaLi0ik16eM5oBrL
ng9Sk!HhxNzo4sP$u5zX
BiqHekIF46vbibv9vzYk
F1iWL$mVspKDMnU3dtC0
VwMESNmDghHnz!agVshc

OpenSSL

If you have OpenSSL installed and available in Windows you can use OpenSSL to generate pseudo-random strings just as you would in Linux.

Install OpenSSL in Windows

To install OpenSSL in Windows all you have to do is use winget (assuming you have an supported Windows version). In an Administrator PowerShell session run:

Search for OpenSSL in the winget repository

PS > winget search openssl
Name                 Id                 Version Match        Source
-------------------------------------------------------------------
FireDaemon OpenSSL 3 FireDaemon.OpenSSL 3.1.4   Tag: openssl winget

 

Install FireDaemon OpenSSL

PS > winget install FireDaemon.OpenSSL
Found FireDaemon OpenSSL 3 [FireDaemon.OpenSSL] Version 3.1.4
This application is licensed to you by its owner.
Microsoft is not responsible for, nor does it grant any licenses to, third-party packages.
Downloading https://download.firedaemon.com/FireDaemon-OpenSSL/FireDaemon-OpenSSL-x64-3.1.4.exe
  ██████████████████████████████  11.3 MB / 11.3 MB
Successfully verified installer hash
Starting package install...
Successfully installed

Use OpenSSL to create secure passwords

Now you have OpenSSL installed you can start using it to create your passwords. Either in hexadecimal or base64 format for example:

PS C:\Users\JanR> & 'C:\Program Files\FireDaemon OpenSSL 3\bin\openssl.exe' rand -hex 8
23a6a5c9616fbda4
PS C:\Users\JanR> & 'C:\Program Files\FireDaemon OpenSSL 3\bin\openssl.exe' rand -base64 8
ygV7WYQ84VA=

You can use the number of bytes argument (8) to increase the length:

PS C:\Users\JanR> & 'C:\Program Files\FireDaemon OpenSSL 3\bin\openssl.exe' rand -base64 12
qZdgJkYbK9+OrY8F
PS C:\Users\JanR> & 'C:\Program Files\FireDaemon OpenSSL 3\bin\openssl.exe' rand -hex 12
040aafdce624d82ad1ed11af

 

Conclusion generating secure passwords in Windows 11

Whereas creating a secure password was difficult in Windows, you nowadays have the tools at hand to do this properly. Unique passwords keeps you safe(r) online and all those unique passwords are easily and securely stored in a password manager like Bitwarden, 1Password, KeePass or LastPass. But whatever you do, do not store passwords in your web browser!

Enjoy!