Skip to main content
SimpleToolbox
Privacy Tools

Privacy & Security Tools

Free privacy and security tools — generate strong passwords, random data, and secure credentials. Runs locally in your browser.

Most online password generators send your request to a server — a generated credential passes through infrastructure you do not control. These tools use your browser's own cryptographic APIs instead. Password generation and bcrypt hashing happen entirely locally, with no network call required after the page loads.

What these tools cover

  • Password Security — Generate strong passwords and check their entropy.
  • Bcrypt Hash Gen — Generate and verify strong bcrypt password hashes securely in your browser.

Password Security

Generate strong passwords and check their entropy.

Launch tool

Bcrypt Hash Gen

Generate and verify strong bcrypt password hashes securely in your browser.

Launch tool

How to get accurate results

Set password length to at least 16 characters and include both symbols and numbers — length is the primary driver of entropy against brute-force attacks. For bcrypt, match the work factor to your production environment's setting before verifying a hash — mismatched work factors produce comparison failures even when the password is correct. Copy the generated output to your password manager immediately, before refreshing or closing the tab.

When to use these tools

  • Generating a strong credential for a new account without using a cloud-based generator that may log inputs server-side
  • Creating a bcrypt hash during development to test your password verification logic against a known value
  • Checking what bcrypt hashing speed looks like at different work factors on your own hardware before choosing a production value
  • Replacing a weak or reused password with a cryptographically random one at the required length and complexity

Frequently Asked Questions

What privacy tools are available?

Password generator (crypto.getRandomValues()), bcrypt hash generator and verifier.

Is the password generator truly random?

Yes — it uses the browser's native crypto.getRandomValues() API, which draws entropy from hardware sources. This is cryptographically secure randomness, not Math.random().

Can I use the bcrypt tool with real passwords?

Yes — bcrypt hashing runs entirely in your browser using bcryptjs. Your plain text password is never transmitted anywhere, making it safe to use with real credentials during development.

Why should I use a password generator instead of making up my own password?

Human-generated passwords follow predictable patterns. A 16-character randomly generated password has roughly 105 bits of entropy — exponentially harder to crack than any memorable password a person would invent.