Security generators
Generators for passwords, PINs, API keys, tokens, hashes and signatures. They use the browser's cryptographic randomness (Web Crypto) and run locally — nothing is sent to a server.
24 tools in this category.
API key generator Generate random API keys with custom prefix, configurable length and hex or base62 format. Useful for development, testing and production. Bcrypt generator Generate Bcrypt-style password hashes with configurable cost factor. Developer tool, processed in your browser. CORS Policy Generator Generate secure CORS configurations for APIs: allowed origins, methods, headers, credentials. Avoid common cross-origin security mistakes. Cryptographic Salt Generator Generate secure salts for password hashing and encryption. Cryptographically strong random strings in different formats and lengths. CSP Header Generator Generate configurable CSP headers to protect your app from XSS and code injection. Ready examples with script-src, style-src, frame-ancestors and more. CSRF Token Generator Generate secure CSRF tokens to protect your forms. Implement protection against Cross-Site Request Forgery attacks with unique and robust tokens. Free Pinterest Pin Description Generator Generate SEO-optimized Pinterest pin descriptions. Up to 500 characters with natural keywords, context and CTA that boost reach. Free Wedding Hashtag Generator Generate unique wedding hashtags. Mix the names of the couple and get 20 creative hashtags for Instagram and TikTok. HMAC generator Compute HMAC with SHA-1, SHA-256, SHA-384 and SHA-512 in your browser. Useful for signing webhooks, APIs and verifying integrity. JSON Web Token (JWT) Generator Generate test JWTs with customizable payload, HS256 algorithm, and standard claims. Ideal for API testing, auth debugging, and secure local development. JWT Test Token Generator Create valid JWT tokens with custom claims for local testing. Configurable headers, payloads and edge-case scenarios without touching production or exposing secrets. Kubernetes Secret Generator Create secure secrets for Kubernetes manifests instantly. Generate tokens, passwords, and base64-encoded keys ready for production clusters. MD5/SHA hash generator Compute MD5, SHA-1, SHA-256 and SHA-512 hashes in your browser. Useful for verifying files, data integrity and signatures. No server. Nonce Generator Generate unique nonces to prevent replay attacks. Includes timestamps, UUIDs, HMAC and formats for JWT, OAuth, CSP and webhooks. OAuth Credentials Generator Generate client_id, client_secret and OAuth 2.0 tokens instantly. Realistic credentials for API development, testing and documentation. Passphrase generator Generate memorable diceware-style passphrases: several random words easy to remember and hard to crack. With real entropy. 100% in your browser. Password generator Create strong, random passwords instantly. Adjust length, uppercase, numbers and symbols. 100% free and private — no signup, runs in your browser. Password strength checker Measure how strong your password is: entropy in bits, estimated crack time and an improvement checklist. 100% in your browser, nothing is sent. PIN generator Generate secure 4 to 12-digit PINs for cards, alarms, safes and accounts. 100% free, runs entirely in your browser, no signup required. Rate Limit Policy Generator Configure effective rate limiting policies for APIs. Protect your endpoints against abuse without affecting legitimate users with practical examples. Security Headers Generator Generate security HTTP headers: CSP, HSTS, X-Frame-Options and more. Protect your site against XSS, clickjacking and injection. Ready-to-copy configuration. Shapeshifter Name Generator Create fluid names for shapeshifters, metamorphs and creatures of mutable identity. For urban fantasy, modern folklore and roleplay campaigns. SQL Injection Pattern Generator Generate regex patterns to detect SQL injection attempts in inputs. Perfect for WAFs, form validation and web application security hardening. SSL Test Certificate Generator Generate commands to create self-signed SSL certificates for development and testing. Set up HTTPS in local environments with OpenSSL securely.