Help & guide
RandKeyKit creates strong, random keys, passwords, and tokens right on your device. Here is what each tool is for, how to use it, and why your secrets stay private.
What is RandKeyKit?
A simple toolkit for generating the secrets you need every day — passwords, passphrases, API keys, and more. Every value is created with your browser's built-in secure random generator, so the results are genuinely unpredictable and safe to use.
Your privacy
- Nothing is sent anywhere. Everything is generated on your own device. No accounts, no tracking, no servers involved.
- Nothing is saved. Your generated values are never stored. Close or refresh the page and they are gone for good.
- Works offline. Once the page has loaded, you can disconnect from the internet and it keeps working.
How to use it
- 1Pick a tool. Use the sidebar categories or scroll the cards to find what you need.
- 2Adjust the options. Set the length and format. The defaults are already secure, so you can leave them as they are.
- 3Generate. Click Generate to create a fresh value. Click it again any time for a new one.
- 4Copy it. Use the copy button next to the result, then paste it where you need it.
The Refresh All button at the top regenerates every tool at once.
What each tool is for
| Tool | What it's for |
|---|---|
| Password | A strong password for any account. Use the longest length the website allows. |
| Passphrase | A password made of real words — easier to read and type by hand when you have to. |
| API Key | A random key to connect an app or script to a service. |
| TOTP Secret | Sets up two-factor authentication codes in an app like Google Authenticator or Authy. |
| AES Key | A secret key used to encrypt files or data. |
| HMAC Key | A secret key used to sign data and check it hasn't been tampered with. |
| Salt | A random value used when storing passwords securely. |
| Session Token | A random value that identifies a signed-in session. |
| CSRF Token | A random value that protects web forms from a common type of attack. |
Not sure which one you need? For everyday logins, use Password or Passphrase. The rest are building blocks for apps and websites.
Tips for strong secrets
- Longer is stronger. When in doubt, increase the length.
- Never reuse the same password across sites.
- Save it in a password manager right after generating — these values are not stored here.
- Generate a fresh value for each new account or service.