Trust center

Security and generation methodology

Technical details, threat boundaries, randomness handling, and reproducible checks for the password generator.

Randomness source

The generator requests cryptographically strong values from crypto.getRandomValues(). It never uses Math.random(). Random indices are selected with rejection sampling so that every character position has an equal chance of selecting each available character.

Character coverage and shuffle

The generator first selects one character from every enabled source. It fills the remaining positions from the combined pool and then performs a cryptographically driven Fisher–Yates shuffle. Filters for similar and ambiguous characters are applied before selection.

Data flow

Generated values exist only in the current page memory and the visible result nodes. They are not written to URLs, cookies, local storage, session storage, server logs, or build artifacts. The locale preference is the only application preference stored in local storage and a functional cookie.

Threat model and limits

This design protects against the website intentionally collecting generated passwords. It cannot guarantee the integrity of the user’s device, browser extensions, clipboard, operating system, or destination service. It also cannot make a reused password safe or prevent a user from entering a password into a phishing page.

Reproducible review

Automated tests check enabled-character coverage, excluded characters, invalid configurations, and the absence of Math.random(). Browser tests verify that regeneration and copying do not issue password-bearing network requests. The review date changes only when the implementation or explanatory content is materially reviewed.