Cryptographically secure passwords generated entirely in your browser — nothing is sent to the server.
🔒 Generated using crypto.getRandomValues() — cryptographically secure, runs entirely in your browser.
This password generator uses the browser's built-in crypto.getRandomValues() API
to produce cryptographically secure random passwords. Unlike Math.random(), which is a
pseudo-random number generator not suitable for security, crypto.getRandomValues()
draws from the operating system's entropy pool, making it suitable for generating real passwords.
Rejection sampling is used to eliminate modulo bias, ensuring every character in your charset
has a perfectly equal chance of being selected.
Password strength is measured in bits of entropy — the number of possible combinations an attacker would need to try. A 20-character password using all four character sets (uppercase, lowercase, numbers, symbols) from a charset of ~90 characters has roughly 131 bits of entropy, making it effectively impossible to brute-force with current technology. As a rule of thumb, aim for at least 80 bits of entropy for personal accounts and 100+ bits for anything sensitive.
All password generation runs entirely in your browser. No passwords, settings or any data are transmitted to DigInterface's servers at any point.