Password Generator

Create mathematically robust passwords, passphrases and API keys.
Entirely local execution in your browser (Web Crypto API). No data is transmitted to the server.

100% Local No Telemetry Browser-certified CSPRNG
Secret copied. It will be automatically cleared from the clipboard in 60 seconds.
Level: ...
Brute-force: ...
Entropy: -- bits

Standard Configuration

LENGTH: 24 CHARACTERS
8 16↑ Recommended 243240485664
The greater the length and character diversity, the higher the secret's entropy.

Why use this generator?

This tool uses your browser's cryptographic random generator for perfect entropy.

  • 100% local generation
  • No network transmission
  • Cryptographically secure random source
  • Ideal for password managers

Security best practices

Mathematical security requires rigor:

  • Use at least 16 characters.
  • Combine letters, digits and symbols.
  • Use a password manager.
  • Never reuse a secret.

Possible uses

The generator produces secrets suitable for:

  • Web account passwords
  • Server API keys
  • OAuth/JWT access tokens
  • Crypto wallet passphrases
  • WPA/AES encryption keys

Random algorithm used

Web Crypto API - window.crypto.getRandomValues()

This generator is considered cryptographically secure and is used by most modern browsers for local security.

Total confidentiality

This generator works entirely client-side.

No generated secret is recorded, transmitted, or logged. The tool is for preparation, not storage.

Generator limitations

The security of a secret also depends on its storage and use.

A strong password does not protect against phishing or physical compromise of the user's device.

Frequently Asked Questions

What is a cryptographic generator?
A cryptographic generator produces random values from a secure algorithm. This site uses the native Web Crypto API of your browser.
Is the password sent to the server?
No. Generation is performed entirely in your browser. The ITYLOS server is completely unaware of what is displayed on your screen.
Is the batch exported file (.txt) safe?
No. It contains plaintext passwords. The hard drive, cloud backups or local indexing may expose them. This file must be deleted or placed in an encrypted vault immediately after use.
Is the clipboard a safe place?
Not always. Some operating systems, clipboard managers or clouds may sync it. That's why our tool attempts to automatically clear your clipboard memory after 60 seconds.
Is the QR code secure?
It is very convenient for a one-time transfer to a mobile phone without typing. However, it remains visible on screen and therefore vulnerable to observation (shoulder surfing, security cameras, screen sharing software). Use it with caution.
Does "Deterministic" mode replace a password manager?
No. Although convenient (no database to sync), it depends entirely on the strength of your master password in mind. Moreover, it does not easily allow generating a "new" password for the same site in case of compromise.