Password Generator
All Tools
AI Detector
Audio Trimmer
Chmod Calculator
Compound Interest Calculator
Cron Builder
CSS Minifier
Diff Checker
DNS Lookup
Encoder / Decoder
Hash Generator
HTML Formatter
HTTP Headers
IP Address Info
JSON Formatter
JWT Decoder
Line Sorter
Lorem Ipsum
Markdown Preview
Meta Inspector
Password Breach Checker
Password Generator
PDF Accessibility Checker
PDF Repair
Port Checker
QR Generator
Regex Tester
SQL Formatter
SSL Certificate Checker
Subnet Calculator
SVG Cleaner
Text Case Converter
Unix Timestamp
User Agent Parser
UUID Generator
Website Accessibility Checker
Whois Lookup
Word Counter
A a 0 #1
4/4
Compliance
Why This Matters
Most accounts get hacked because of weak or reused passwords. A short password can be cracked in seconds by modern hardware, and if you use the same one everywhere, one breach exposes all your accounts. A strong, unique password for each site is the single easiest thing you can do to protect yourself online.
The standards listed below come from government agencies and major organizations that set the rules for how passwords should work. They don't all agree on the details, but the takeaway is simple: longer is better, random is better, and never reuse passwords. Use a password manager so you don't have to remember them all.
Compliance Sources
US Government
| Standard | What it is | Updated | Length | A-Z | a-z | 0-9 | #$! |
|---|---|---|---|---|---|---|---|
| NIST 800-63B (pdf) | Federal digital identity standard | 2024 | 15 | – | – | – | – |
| CISA | US cybersecurity agency guidelines | 2024 | 16 | ✓ | ✓ | ✓ | ✓ |
| FBI CJIS v6.0 (pdf) | Criminal justice database access | 2024 | 20 | – | – | – | – |
| DoD STIG | Military system hardening rules | 2024 | 15 | ✓ | ✓ | ✓ | ✓ |
| IRS Pub 1075 (pdf) | Tax data protection rules | 2024 | 14 | ✓ | ✓ | ✓ | ✓ |
| FedRAMP | Cloud security for federal agencies | 2024 | 14 | ✓ | ✓ | ✓ | ✓ |
| CMMC 2.0 L2 (pdf) | Defense contractor cybersecurity | 2023 | 14 | ✓ | ✓ | ✓ | ✓ |
Industry
| Standard | What it is | Updated | Length | A-Z | a-z | 0-9 | #$! |
|---|---|---|---|---|---|---|---|
| PCI DSS 4.0 (pdf) | Credit card processing security | 2024 | 12 | ✓ | ✓ | ✓ | – |
| HIPAA | Healthcare data privacy law | 2024 | 12 | ✓ | ✓ | ✓ | ✓ |
| OWASP ASVS (pdf) | Web app security checklist | 2023 | 12 | – | – | – | – |
| CIS Benchmark | IT security best practices | 2024 | 14 | – | – | – | – |
| NERC CIP-007 (pdf) | Power grid cybersecurity | 2023 | 8 | ✓ | ✓ | ✓ | – |
| HITRUST CSF | Healthcare IT security framework | 2024 | 8 | ✓ | ✓ | ✓ | ✓ |
| FINRA | Wall Street broker-dealer rules | 2024 | 12 | ✓ | ✓ | ✓ | ✓ |
| SWIFT CSCF | Financial messaging network security | 2024 | 12 | ✓ | ✓ | ✓ | – |
European
| Standard | What it is | Updated | Length | A-Z | a-z | 0-9 | #$! |
|---|---|---|---|---|---|---|---|
| CNIL (France) (pdf) | French data privacy regulator | 2023 | 12 | ✓ | ✓ | ✓ | ✓ |
| ANSSI (France) (pdf) | French cybersecurity agency | 2023 | 12 | ✓ | ✓ | ✓ | ✓ |
| BSI (Germany) (pdf) | German federal cyber office | 2024 | 12 | – | – | – | – |
| ENISA (EU) | EU cybersecurity agency guidelines | 2021 | 12 | – | – | – | – |
International
| Standard | What it is | Updated | Length | A-Z | a-z | 0-9 | #$! |
|---|---|---|---|---|---|---|---|
| UK NCSC (pdf) | UK government cyber baseline | 2024 | 12 | – | – | – | – |
| Australian ASD | Australia’s signals directorate | 2024 | 15 | – | – | – | – |
| Canada GC | Canadian government IT policy | 2023 | 12 | – | – | – | – |
| Singapore CSA (pdf) | Singapore cyber agency | 2023 | 12 | – | – | – | – |
| Japan NISC (pdf) | Japan’s cybersecurity center | 2022 | 10 | ✓ | ✓ | ✓ | ✓ |
| New Zealand NZISM | NZ government security manual | 2023 | 16 | – | – | – | – |
| Korea ISMS-P | Korean security certification | 2022 | 10 | – | – | – | – |
Platform Defaults
| Standard | What it is | Updated | Length | A-Z | a-z | 0-9 | #$! |
|---|---|---|---|---|---|---|---|
| Microsoft Entra | Azure/M365 identity platform | 2024 | 12 | ✓ | ✓ | ✓ | ✓ |
| Apple ID | Apple account login | 2023 | 8 | ✓ | ✓ | ✓ | – |
| AWS IAM | Amazon cloud access management | 2024 | 14 | ✓ | ✓ | ✓ | ✓ |
| Google Workspace | Google business suite | 2024 | 12 | – | – | – | – |
| Salesforce | CRM platform | 2024 | 8 | ✓ | ✓ | ✓ | – |
| Oracle Cloud | Enterprise cloud platform | 2023 | 12 | ✓ | ✓ | ✓ | ✓ |
| GitHub | Code hosting platform | 2024 | 15 | – | – | – | – |
| Okta | Single sign-on provider | 2023 | 8 | ✓ | ✓ | ✓ | – |
| Adobe | Creative & document software | 2023 | 12 | ✓ | ✓ | ✓ | ✓ |
| Snowflake | Cloud data warehouse | 2024 | 14 | – | – | – | – |
| Stripe | Payment processing API | 2024 | 10 | – | – | – | – |
| Zoom | Video conferencing platform | 2024 | 8 | ✓ | ✓ | ✓ | ✓ |
| Atlassian | Jira/Confluence dev platform | 2024 | 8 | – | – | – | – |
| GitLab | DevOps platform, breach-checking | 2024 | 8 | – | – | – | – |
| Docker Hub | Container registry platform | 2024 | 9 | – | – | – | – |
| npm | JS package registry, HIBP checks | 2024 | 8 | – | – | – | – |
| Dropbox | Cloud storage, zxcvbn scoring | 2024 | 8 | – | – | – | – |
| Slack | Team messaging platform | 2024 | 8 | – | – | – | – |
| X / Twitter | Social media platform | 2024 | 10 | – | – | – | – |
| PayPal | Payment platform, max 20 chars | 2024 | 8 | ✓ | ✓ | – | ✓ |
| Meta / Facebook | Social media platform | 2024 | 6 | – | – | – | – |
| Spotify | Music streaming platform | 2024 | 8 | – | – | – | – |
| Professional networking platform | 2024 | 6 | – | – | – | – | |
| Twitch | Live streaming platform | 2024 | 8 | ✓ | ✓ | ✓ | ✓ |