GeneratePass
Generate
COMMON QUESTIONS

Frequently Asked Questions

Everything you need to know about the technology, privacy guarantees, and usage specifications.

No, never. The generation process runs entirely in your browser using the standard Web Cryptography API (CSPRNG). No network requests are made, and your passwords are never transmitted or stored.

The Breach Checker scans the Have I Been Pwned database using the secure k-Anonymity privacy protocol. Your password is hashed locally using SHA-1 in your browser, and only the first 5 characters of this hash are sent over the network. The database returns all matching hash suffixes, which are compared locally inside your browser tab. Your plain-text password is never sent to the network.

Entropy is a measure of randomness, expressed in bits. Higher entropy means a password is mathematically harder to guess or brute-force. A password with 80+ bits is generally considered robust against modern automated cracking attacks.

Yes! Because all scripts and calculations are bundled into the static site assets, you can download the repository, turn off your internet connection, and run the entire suite locally.

Need More Help?

If you couldn't find your answers in the questions above, check out our dedicated tools, security guides, or contact us directly.

Publications Security Blog → Read practical password, privacy, and cybersecurity guides. Cryptography Password Generator → Create strong passwords using browser-based cryptography. Memorable Keys Passphrase Generator → Generate memorable but highly secure passphrases. Open Feedback Contact the Developer → Report bugs, security issues, or feature requests.