Is an approximate of the time needed for anyone to guess (brute force) the generated ...-word password above, assuming they have the resources to try 1,000,000 passwords per second.
Longer passwords are better, because they are harder to guess.
That means higher security.
Most 4-word passwords generated from with this tool are MORE secure than 8-character (alphanumeric + punctuations) passwords. Of course, the longer the password, the better.
This article explains the math behind the statement above.
After generating a password, the tool determines its complexity/strength rating to determine if it is safe for use. If the algorithm deems the password to NOT be strong enough, a new password will be generated. The cycle will repeats until a strong password has been found.
The passwords are generated in your browser and are never transmitted to any server, including ours.
We utilize a service called have i been pwned? to check if a particular password has been previously exposed in data breaches.
Your password is NEVER SENT to any server, including theirs (and ours). We perform the check by downloading a list of breached passwords and having your web browser compare your password against the list.
The actual comparison process takes place in your web browser (never in any server). There is ABSOLUTELY NO WAY for them (or us) to know what password you have chosen.