Secure Password Generator

A clean, secure, and user-friendly password generator built with vanilla JavaScript. This application generates cryptographically secure passwords with customizable options while maintaining privacy by never transmitting or storing generated passwords.

🌟 Features

Core Functionality

• Cryptographically Secure: Uses crypto.getRandomValues() for true randomness
• Customizable Length: Generate passwords from 4 to 128 characters
• Character Set Control: Toggle uppercase, lowercase, numbers, and special characters
• Batch Generation: Create up to 20 passwords simultaneously
• Ambiguous Character Exclusion: Optional removal of confusing characters (0, O, l, 1, etc.)
• One-Click Copy: Copy passwords to clipboard with visual feedback
• Real-Time Strength Analysis: Visual password strength indicator with entropy calculation

Security & Privacy

• Client-Side Only: No data transmission or server communication
• No Storage: Passwords are never saved or logged
• Secure Context: Works best in HTTPS environments
• Memory Management: Clears sensitive data when possible

User Experience

• Responsive Design: Works seamlessly on desktop and mobile
• Accessibility: Full keyboard navigation and screen reader support
• Dark Mode: Automatic dark/light theme support
• Settings Persistence: Remembers your preferences locally
• Real-Time Updates: Instant password generation as settings change

🚀 Quick Start

Option 1: Direct Download

1. Download or clone this repository
2. Open index.html in a modern web browser
3. Start generating secure passwords immediately

Option 2: Local Development

# Clone the repository
git clone https://github.com/0x-Decrypt/password-generator.git
cd password-generator

# Serve locally (recommended for full functionality)
python -m http.server 8000
# or
npx serve .

# Open http://localhost:8000 in your browser

Option 3: GitHub Pages

Visit the live demo: https://0x-Decrypt.github.io/password-generator

🛠️ Usage

Basic Usage

1. Adjust the password length using the slider (4-128 characters)
2. Select desired character types (uppercase, lowercase, numbers, symbols)
3. Optionally exclude ambiguous characters
4. Click "Generate Password" or press Space
5. Click "Copy" to copy the password to your clipboard

Advanced Options

• Batch Generation: Use the quantity slider to generate multiple passwords
• Strength Analysis: View real-time password strength and entropy
• Keyboard Shortcuts: Press Space anywhere to generate new passwords
• Settings Persistence: Your preferences are automatically saved

Recommended Settings

For maximum security, we recommend:

• Length: 16+ characters
• Character Types: All types enabled
• Exclude Ambiguous: Enabled for better usability

🏗️ Architecture

The application follows a modular architecture with clear separation of concerns:

src/
├── modules/
│   ├── characterSets.js      # Character set management
│   ├── passwordGenerator.js  # Core generation logic
│   ├── validator.js          # Input validation
│   ├── strengthAnalyzer.js   # Password strength analysis
│   └── uiController.js       # UI management
├── utils/
│   ├── clipboard.js          # Clipboard operations
│   └── helpers.js            # Utility functions
├── styles/
│   ├── main.css             # Core styles
│   └── components.css       # Component-specific styles
└── app.js                   # Application initialization

Key Design Principles

• Minimal Code: Functions under 25 lines each
• Single Responsibility: Each module has one clear purpose
• Error Handling: Comprehensive validation and error management
• Accessibility: ARIA labels and keyboard navigation
• Performance: Optimized for speed and memory efficiency

🔒 Security

Cryptographic Security

• Uses Web Crypto API's crypto.getRandomValues() for secure randomness
• No predictable patterns or sequences
• Proper entropy calculation and validation

Privacy Protection

• No Network Requests: Completely offline functionality
• No Data Storage: Passwords exist only in memory temporarily
• No Logging: No console logging of sensitive data
• Memory Clearing: Attempts to clear passwords from memory when possible

Browser Requirements

• Modern browser with Web Crypto API support
• HTTPS recommended for full clipboard functionality
• JavaScript enabled

🧪 Testing

The application includes comprehensive testing for all core functionality:

# Run tests (if you have a local server)
open tests/index.html

# Or run individual test files
open tests/passwordGenerator.test.html
open tests/validator.test.html

Test Coverage

• Password generation algorithms
• Input validation
• Character set management
• Strength analysis
• UI interactions
• Error handling

🤝 Contributing

Contributions are welcome! Please follow these guidelines:

Development Setup

1. Fork the repository
2. Create a feature branch: git checkout -b feature/amazing-feature
3. Follow the existing code style and architecture
4. Ensure all functions remain under 25 lines
5. Add tests for new functionality
6. Update documentation as needed

Code Standards

• Minimal Code: Write the fewest lines necessary
• Descriptive Naming: Clear, self-documenting variable and function names
• Modular Design: Keep components small and focused
• Error Handling: Validate inputs and handle edge cases
• Accessibility: Maintain ARIA labels and keyboard support

Pull Request Process

1. Update the README.md with details of changes
2. Ensure all tests pass
3. Make sure the code follows the style guidelines
4. Create a detailed pull request description

📝 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

• Web Crypto API for secure random number generation
• Modern CSS features for responsive design
• Accessibility guidelines from WCAG 2.1
• Security best practices from OWASP

📊 Browser Support

Browser	Version	Support
Chrome	37+	✅ Full
Firefox	34+	✅ Full
Safari	10.1+	✅ Full
Edge	79+	✅ Full

🔧 Configuration

The application can be customized by modifying the constants in the source files:

// In characterSets.js
const MAX_PASSWORD_LENGTH = 128;
const MIN_PASSWORD_LENGTH = 4;

// In passwordGenerator.js
const MAX_PASSWORDS = 20;
const DEFAULT_ENTROPY_THRESHOLD = 50;

📈 Performance

• Generation Speed: < 100ms for any password length
• Memory Usage: Minimal footprint with automatic cleanup
• Bundle Size: < 50KB total (uncompressed)
• No Dependencies: Pure vanilla JavaScript

🐛 Troubleshooting

Common Issues

Q: Clipboard copy doesn't work A: Clipboard API requires HTTPS. Use a local server or enable clipboard permissions.

Q: "Crypto API not available" error A: Use a modern browser and HTTPS connection. Some older browsers don't support Web Crypto API.

Q: Password strength seems low A: Try increasing length and enabling all character types. The analyzer uses strict security standards.

Reporting Issues

If you encounter any issues:

1. Check browser console for error messages
2. Verify you're using a supported browser
3. Try in an incognito/private window
4. Report issues with detailed reproduction steps

---

Built with ❤️ for security and usability