Security & Privacy Tools

Security hygiene starts with strong credentials. The Password Generator creates cryptographically random passwords with configurable length, character sets, and complexity rules. The Passphrase Generator builds diceware-style word sequences that are both highly random and memorizable — a practical choice for master passwords and encryption keys where memorability matters. The Password Breach Checker queries the Have I Been Pwned database using a k-anonymity model: only the first five characters of the SHA-1 hash are sent to the API, so your actual password is never transmitted.

The JWT tools are essential for API authentication debugging. The JWT Decoder decodes the Base64url-encoded header and payload of any JSON Web Token, showing the algorithm, expiration time, issuer, subject, and custom claims. The Signature Verifier validates the HMAC or RSA signature given the correct secret or public key, confirming whether a token has been tampered with. The TLS Certificate Decoder parses PEM-format X.509 certificates to display the subject, issuer, validity period, and Subject Alternative Names — useful when diagnosing SSL/TLS configuration issues.

Hash generation covers MD5, SHA-1, SHA-256, SHA-384, and SHA-512. These algorithms are used for file integrity verification (comparing checksums after downloads), content addressing in caching systems, and data fingerprinting. The Hash Identifier takes an unknown hash string and identifies its algorithm based on length and character set — useful when you encounter an unfamiliar hash format in a database, config file, or security report. All cryptographic operations use the browser's native Web Crypto API and run entirely client-side.