Cryptographically random passwords and Wi-Fi pre-shared keys, generated locally with the Web Crypto API. No network request is made — nothing is logged, sent, or stored.
Keys are drawn from window.crypto.getRandomValues(), the browser's cryptographically secure random number generator — not Math.random(), which is not safe for secrets. To avoid modulo bias, this tool uses rejection sampling: random bytes that fall outside an even multiple of the charset size are discarded rather than folded in.
Crucially, everything happens on your device. There is no API call, no server round-trip, and nothing is stored — reload the page and the keys are gone. You can verify this in your browser's network tab.
Entropy in bits is length × log₂(charset size). A 20-character key from a 90-character set is about 130 bits — vastly beyond brute-force reach. For Wi-Fi, anything above ~80 bits is comfortable; the limiting factor is usually that humans pick short, guessable passphrases, which is exactly what a random generator avoids.
The standard allows 8–63 characters. For real security use at least 16–20 random characters; short or dictionary-based PSKs are crackable offline.
The randomness source (Web Crypto) is suitable for cryptographic use. As always, generate on a trusted device and transmit keys securely.
The WPA2 preset omits 0/O and 1/l/I so keys can be read aloud or typed from a label without confusion — a small entropy cost for far fewer support calls.