DevKitBase
ToolsAboutPrivacy

Random strings for tokens and fixtures — not your vault

Set length; choose alphabet (alnum / hex / custom); generate. Uses `crypto.getRandomValues`.

chars: 2
Input
Output

When to use

Test tokens, invite codes, non-crypto-critical IDs with a chosen alphabet/length.

Examples

Input
32 (length)
Output
(32-char URL-safe string)
Each click regenerates.

How it works

Maps CSPRNG bytes onto the charset (avoids naive modulo bias when implemented correctly).

Common pitfalls

  • Alphabet size and length drive strength — short numeric codes are weak.
  • Not a password manager substitute.
  • Avoid biased mapping from bad modulo code (we document the method).

How this differs

Opaque strings vs UUID’s structured IDs. Hashes need input; this needs only options.

FAQ

Is this a password generator?
You can use it, but we don’t store, audit strength meters, or replace a password manager.
Bias in character picking?
Use rejection sampling / large-bit method.
Related?
UUID for standard 128-bit IDs.
Uploaded?
No.

Related tools

Runs in your browser. Nothing is uploaded. Not a security product —hashes and JWT decode are for debugging, not password storage or auth advice.