APG generates passwords with two (2) to eight (8) random common dictionary words. It displays length and approximate bits of entropy. The length of the password is often more important than the complexity. For example, if a person had the password "yz4%38nX@nl2" versus a password based on four common yet unrelated dictionary words such as "goodnessflexiblehousingcigarette", the latter would take far longer to crack during a brute-force attack (12 vs. 32 characters). Additionally, people who use completely random complex passwords often write them down. However, a password based on a string of common unrelated English words is much easier for someone to remember, and at the same time secure. If you want the best of both worlds (length and complexity), you can use the built-in editor to customize the generated password by adding mixed case, numbers, and special characters.