Generating secure passwords is critical for application security. This guide covers how to use a password generator API to create cryptographically strong passwords with customizable options.
Why Use a Password Generator API?
While you can generate passwords locally, there are several advantages to using an API:
- Cryptographic randomness: Server-side generators use secure random sources
- Consistent implementation: Avoid bugs in custom password generation code
- Customizable options: Easily configure length, character sets, and requirements
- No dependencies: Works in any environment that can make HTTP requests
Understanding Password Entropy
Password strength is measured in bits of entropy. Higher entropy means more resistance to brute-force attacks.
| Character Set | Bits per Character | 12-char Entropy |
|---|---|---|
| Numbers only (0-9) | 3.32 | ~40 bits |
| Lowercase (a-z) | 4.70 | ~56 bits |
| Mixed case (a-zA-Z) | 5.70 | ~68 bits |
| Alphanumeric | 5.95 | ~71 bits |
| All printable (incl. symbols) | 6.57 | ~79 bits |
For most applications, aim for at least 70 bits of entropy. Our API calculates and returns the entropy of each generated password.
Using the Password Generator API
GET https://api.tinyfn.io/v1/generate/password?length=16
Headers: X-API-Key: your-api-key{
"password": "kX9#mP2$vL7@nQ4!",
"length": 16,
"entropy_bits": 105.2,
"strength": "very_strong"
}Customization Options
| Parameter | Type | Default | Description |
|---|---|---|---|
length |
integer | 16 | Password length (8-128) |
uppercase |
boolean | true | Include uppercase letters |
lowercase |
boolean | true | Include lowercase letters |
numbers |
boolean | true | Include digits |
symbols |
boolean | true | Include special characters |
exclude |
string | "" | Characters to exclude |
Example: Alphanumeric Only
GET /v1/generate/password?length=20&symbols=falseExample: PIN Code
GET /v1/generate/password?length=6&uppercase=false&lowercase=false&symbols=falseImplementation Examples
JavaScript - User Registration
async function generateTempPassword() {
const response = await fetch(
'https://api.tinyfn.io/v1/generate/password?length=12',
{ headers: { 'X-API-Key': process.env.TINYFN_KEY } }
);
const { password } = await response.json();
return password;
}
// Use for temporary passwords sent via email
const tempPassword = await generateTempPassword();
await sendWelcomeEmail(user.email, tempPassword);Python - Bulk Generation
import requests
def generate_passwords(count: int, length: int = 16) -> list[str]:
"""Generate multiple secure passwords."""
passwords = []
for _ in range(count):
response = requests.get(
'https://api.tinyfn.io/v1/generate/password',
params={'length': length},
headers={'X-API-Key': API_KEY}
)
passwords.append(response.json()['password'])
return passwords
# Generate passwords for new user accounts
new_passwords = generate_passwords(10, length=14)Shell Script - Quick Password
#!/bin/bash
# Generate a password and copy to clipboard
curl -s "https://api.tinyfn.io/v1/generate/password?length=20" \
-H "X-API-Key: $TINYFN_KEY" | jq -r '.password' | pbcopy
echo "Password copied to clipboard!"Security Best Practices
- Use HTTPS: Always call the API over HTTPS to prevent interception
- Don't log passwords: Never log generated passwords in production
- Hash before storing: Use bcrypt, Argon2, or scrypt to hash passwords
- Set minimum length: Use at least 12 characters for user passwords
- Expire temporary passwords: Force password change on first login
- Use unique passwords: Generate fresh passwords for each user/service
Use via MCP
Your AI agent can call this tool directly via Model Context Protocol — no HTTP code needed. Add TinyFn to Claude Desktop, Cursor, or any MCP client:
{
"mcpServers": {
"tinyfn-generate": {
"url": "https://api.tinyfn.io/mcp/generate/",
"headers": {
"X-API-Key": "your-api-key"
}
}
}
}See all generator tools available via MCP in our Generator MCP Tools for AI Agents guide.
Generate Secure Passwords Now
Start using our cryptographically secure password generator API.
Get Free API Key