Privacy & Security - P3
Password Generator
Password Generator for quick calculations, comparisons, formatting, and practical browser-based results.
About Password Generator
Privacy and security hygiene involves tasks most people do infrequently but urgently — generating a strong password, checking whether an email address has appeared in a breach, or hashing a string for a config file. Password Generator handles one of those tasks locally in your browser, so you're never sending sensitive credentials or data over the network to get the answer.
How to use Password Generator
- Choose the relevant operation from the tool options (generate, check, hash, etc.).
- Enter only the minimum required input — the tool needs no personal identification.
- Press the action button to get the result immediately.
- Copy the output to your password manager, config file, or secure notes.
Frequently asked questions
- Does the tool send my password or hash to any server?
- No. All cryptographic operations run in the browser using the Web Crypto API. Your input never leaves your device.
- Are generated passwords truly random?
- Yes. Passwords are generated with the browser's cryptographically secure random number generator (crypto.getRandomValues), not a predictable pseudo-random algorithm.
- How does the breach-check work without sending my email address?
- Breach checkers that preserve privacy use the k-anonymity technique: only the first five characters of the SHA-1 hash of your input are sent to the service, which returns a list of matching hashes for local comparison.
- Which hashing algorithms are available?
- Common options include SHA-256, SHA-512, and MD5 (for legacy compatibility only — MD5 is not suitable for security-critical applications). The tool notes where an algorithm is considered deprecated.
- Can I use the password generator for passphrases?
- Yes. Select the 'words' mode to generate a memorable passphrase of random words. A four-word passphrase provides approximately 44–50 bits of entropy, which is adequate for most online accounts.
Common use cases
- Generating a strong random password for a new account sign-up
- Hashing a database seed value or config secret for a development environment
- Checking whether a known password appears in public breach datasets
- Producing a SHA-256 file checksum to verify a download's integrity
- Creating a one-time random token for a test or staging environment