Strong passwords.
Generated locally.
Never sent anywhere.

A privacy-first password generator that runs entirely in your browser. Zero servers, zero logging, zero compromises. crypto.getRandomValues randomness, HIBP breach check via k-anonymity, encrypted history with AES-GCM.

Add to Chrome , Free See pricing
100%
Local generation
0
Servers in the loop
128
Max password length
800M+
Breaches checked

Everything you need. Nothing you don't.

Strong, single-purpose, fast. Pin it once, click it forever.

๐ŸŽฒ

Random passwords

8 to 128 characters. Toggle character classes. Skip ambiguous lookalikes (l, 1, I, O, 0). Custom symbol sets for picky sites.

๐Ÿ”‘

Diceware passphrases

3 to 10 words from a curated 1,910-word English wordlist. Hyphen, space, digit, or symbol separators. Memorable, typeable, and bulletproof.

๐Ÿ—ฃ๏ธ

Pronounceable mode

Alternating consonant-vowel patterns you can dictate over the phone or read off a printed handout.

๐Ÿ“Š

Bulk + CSV export

Generate up to 500 unique passwords at once. Export as CSV ready to import into 1Password, Bitwarden, or any password manager.

๐Ÿ›ก๏ธ

HIBP breach check

Verify against 800M+ leaked credentials using k-anonymity. Only the first 5 hex chars of the SHA-1 hash hit the API. Your hash never leaves the device.

๐Ÿ“œ

Encrypted history

Last 5 passwords on Free, last 100 on Pro. Encrypted at rest with AES-GCM. Optional master phrase for cross-restart persistence.

Privacy you can verify.

Three guarantees, all auditable in the source bundle.

crypto.getRandomValues

True cryptographic randomness from your browser's WebCrypto API. We never use Math.random and never seed the RNG.

k-anonymity for HIBP

Only the first 5 hex characters of the SHA-1 hash are sent. The full hash is never transmitted. Your password is never even hashed remotely.

AES-GCM history

Saved passwords are encrypted with a session key. Optional master phrase via PBKDF2 (250,000 iterations). Decryption stays in-browser.

Pricing

Free is genuinely useful. Pro unlocks the power tools.

Free

$0
  • Random passwords up to 32 chars
  • 50 generations per day
  • HIBP breach check, 5 per day
  • Last 5 passwords (encrypted)
  • Strength meter with entropy
  • Skip ambiguous characters
Add to Chrome

Pro

$1.99 /mo
  • Everything in Free, plus:
  • Passphrase generator (diceware)
  • Pronounceable passwords
  • Bulk + CSV export, up to 500
  • Length up to 128 characters
  • Custom symbol set
  • Unlimited HIBP breach checks
  • Last 100 passwords (encrypted)
  • Unlimited daily generations
View plans , $7.99 lifetime available

Frequently asked questions

If yours isn't here, email support@peakproductivity.online.

Are the passwords actually random?

Yes. We use crypto.getRandomValues with rejection sampling to avoid modulo bias. We never use Math.random. The browser's WebCrypto API is the same source banks and password managers rely on.

Is my generated password sent anywhere?

No. Generation happens 100% inside the popup. The optional breach check uses k-anonymity (only the first 5 chars of the SHA-1 hash are sent), so the actual hash of your password is never transmitted.

What permissions does the extension need?

Just "storage" (for settings + encrypted history) and host_permissions for peakproductivity.online (license verify) and api.pwnedpasswords.com (optional breach check). No tab access, no content scripts, no clipboard read.

What's the difference between Monthly and Lifetime?

Same Pro features. Monthly is $1.99/mo. Lifetime is $7.99 once. Lifetime pays for itself in four months.

Can I get a refund?

Within 30 days of purchase, yes. Email support@peakproductivity.online and we will refund, no questions asked.

Does it work offline?

All Free generation works offline. Pro license verification and the HIBP breach check both require network access , but generation itself never does.