🌐 English | Русский
A lightweight, fully client-side password and key generator. Supports Password, Passphrase, PIN, SSH Key, and GPG Key modes. All generation happens in the browser using the Web Crypto API — nothing is sent to any server.
Current version is available at https://yukh.net/passgen/
- Configurable length (4–64 characters, default 20)
- Toggle character sets: uppercase, lowercase, numbers, symbols
- Exclude visually similar characters (I, l, 1, O, 0)
- No-repeating-characters option
- Extra symbols field and exclude-characters field
- 8 platform presets: PostgreSQL, MySQL, SQL Server, Linux User, Windows Admin, Redis, RabbitMQ, High Entropy
- Strength indicator based on Shannon entropy and character variety — Very Strong requires ≥ 80 bits and 3+ character types
- Random word sequences from a built-in ~500-word wordlist
- Configurable word count (2–10, default 8)
- Capitalization options: capitalize first letter, or random per-letter
- Optional digit at start and/or end (attached directly to the word, no separator)
- Random numbers inside phrase (randomly appends a digit to some words)
- Separator: space, dash (default), dot, underscore, random symbol, or none
- Numeric code, configurable length (4–12 digits, default 6)
- Generate ED25519 or RSA key pairs (2048 / 3072 / 4096 bits) directly in the browser
- Keys exported in standard OpenSSH format — compatible with
ssh-keygenoutput - Optional passphrase encrypts the private key with AES-256-CTR + bcrypt KDF (16 rounds) — identical to
ssh-keygen -a 16output - Per-key copy button; Download archive saves both keys as a single ZIP file (
<name>.key+<name>.pub) - Verify keys modal: paste or upload a private and public key to check they form a valid pair; passphrase-protected keys are fully supported — supports file upload (
.key,.pub,.pem) - bcrypt and ZIP implemented in pure JS with no external libraries
- Generate Ed25519 or RSA key pairs (3072 / 4096 bits) directly in the browser
- Keys exported in ASCII-armored OpenPGP v4 format (
-----BEGIN PGP PRIVATE KEY BLOCK-----) - Includes self-signed User ID — keys are importable with
gpg --importwithout additional steps - Optional User ID field (
Name <email>format); defaults to a generic UID if left empty - Per-key copy button; Download archive saves both
.ascand.pub.ascfiles as a ZIP - OpenPGP packet format, CRC-24, and self-signature implemented in pure JS with no external libraries
- Generate 1–50 results at once on all three tabs
- Per-result copy button; Copy all opens a modal with all results in a textarea
- Regenerate button shared across all results on each tab
- Dark / light theme toggle, EN / RU language switcher
- Active tab and all generator settings saved to
localStorage; Reset button (↺) restores all defaults - Cryptographically secure randomness via
window.crypto.getRandomValues()with rejection sampling
git clone https://github.com/yukh975/passgen.git
cd passgenOpen index.html in a browser — no build step, no dependencies.
Or serve with any static file server:
npx serve .passgen/
├── index.html # UI shell
├── assets/
│ ├── app.js # Generator logic, settings, i18n
│ ├── bcrypt.js # bcrypt_pbkdf implementation (pure JS)
│ ├── pgp.js # OpenPGP v4 key generation (pure JS)
│ ├── translations.js # UI strings (EN / RU)
│ ├── wordlist.js # Built-in ~500-word wordlist
│ ├── style.css # Styles (dark / light theme)
│ ├── logo.svg # Lock icon logo
│ └── theme-init.js # Theme pre-load (prevents flash)
├── favicon.ico # Generated from logo (16 / 32 / 48 px)
└── gen-favicon.js # Favicon generator (Node.js, no deps)
- All randomness comes from
window.crypto.getRandomValues()with rejection sampling to eliminate modulo bias. - No data leaves the browser — generation is entirely local.
- No external CDNs, no remote resources, no tracking.
Yuriy Khachaturian (powered by Claude.AI), 2026.
🌐 English | Русский