Password security advice has been the same for twenty years: use long, random passwords, never reuse them, and store them safely. The advice is right. What's been wrong is how impractical it is to follow — until recently.
Most people know their passwords aren't great. Changing them feels like a project. And the tools that exist to help are often cluttered, ad-heavy, or unclear about what they actually do with your data.
PassGen started from a simple question: what would a password generator look like if it was designed around the user's security, not the site's revenue?
A password generator that does one thing well. You set the parameters, click Generate, and get a cryptographically random password that was never sent anywhere, never logged, and doesn't exist outside your browser window.
The technical foundation is the Web Crypto API — a browser-native cryptographic library that's the same standard used in HTTPS and secure authentication systems. It produces genuine randomness, not the pseudo-random output of functions like Math.random() that should never be used for security.
Beyond the generator itself, we write honest, practical guides about password security — because a tool without context only gets you so far.
PassGen is an independent project. It's not backed by a security company with a product to upsell, and it's not affiliated with any password manager. The goal is to be genuinely useful to anyone who needs a strong password right now, without friction.
Questions, feedback, or suggestions: seizeyaks@gmail.com or the contact form.
Security tools require trust, and trust requires transparency. The source of our randomness (Web Crypto API) is publicly documented and auditable. Our privacy policy is straightforward. We don't collect passwords. We don't fingerprint users beyond aggregate analytics.
If you have questions about any aspect of how this tool works — technically or otherwise — we're happy to answer them directly.