Key Features

• Two generation modes — random passwords (8–64 characters) or BIP39 passphrases (3–10 words, with optional capitalization and an appended number)

• Configurable character sets — lowercase, uppercase, numbers, symbols, and optional exclusion of ambiguous characters (0 O l 1 I)

• Real-time strength analysis — entropy in bits, a crack-time estimate at one trillion guesses/second, and zxcvbn pattern detection that catches weaknesses raw entropy misses

• Session history — the last 10 passwords, masked and held in memory only, cleared the moment the tab closes

• Fully static — exports to plain HTML, CSS, and JavaScript, and runs entirely client-side with no backend

Keysmith generates strong, high-entropy passwords and passphrases entirely within your browser. Every character is drawn from the Web Crypto API's cryptographically secure random number generator (CSPRNG) rather than a predictable source like Math.random(), so the randomness behind each key is genuine. Nothing is ever sent over the network, and generated passwords live only in React state, so they are never stored or transmitted.

Built with Next.js, TypeScript, Tailwind CSS, and shadcn/ui, with @zxcvbn-ts/core powering the strength analysis.