Every string below is drawn from your browser's cryptographically secure random number generator the moment this page loads. Nothing is generated on a server and nothing leaves this tab — close the page and these strings are gone for good, known only to you.
These strings come from crypto.getRandomValues(), the same
cryptographically secure random source your browser uses for TLS session keys.
Each character is chosen independently with equal probability (using rejection
sampling, so no character set introduces statistical bias). That makes the strings
maximum-entropy: there is no pattern to exploit, no dictionary that contains them,
and no shortcut for an attacker beyond brute force over an astronomically large
space.
Because generation happens entirely in your browser, there is no server that ever saw your password, no network transmission to intercept, and no log to leak. You can even load this page once, disconnect from the internet, and generate keys fully offline.
Hex (256 bits) — ideal wherever raw keying material is accepted: Wi-Fi WPA pre-shared keys entered as 64 hex digits, VPN shared secrets, API signing keys. You can also slice off a shorter prefix; any substring is just as random as the whole.
Printable ASCII — the densest passphrase format. Use it where the full symbol set is accepted, such as password-manager master entries or WPA passphrases on modern equipment.
Alphanumeric — for systems that choke on symbols. Slightly fewer bits per character, but at 63 characters it is still unimaginably far beyond brute-force reach.
For keys you configure once and never retype — router passphrases, VPN secrets — use the longest string the device accepts. Length costs you nothing after setup, and every added character multiplies an attacker's work.