4 comments

[ 0.28 ms ] story [ 689 ms ] thread
If we can't view the source (or at least the algorithms and libraries used), its security is only hearsay.
Actually, you can via view source in browser. The passwords are generated via javascript in the browser.
The generator: https://www.randompasswordgenerator.info/js/custom.min.js

Is Math.random() a secure rng? http://stackoverflow.com/questions/5651789/is-math-random-cr...

I wouldn't consider this password generator to be secure due to the use of a non-crypto grade rng, but it's certainly looks useful for quickly generating a password.

Thanks for the feedback. I have since updated the generator to use window.crypto.getRandomValues when available (older browsers does not support it) and then use Mersenne twister as a fallback. I hope it gets your recommendation :).