A security-focused password generator built with the Web Crypto API. This project demonstrates cryptographically secure randomness, rejection sampling to eliminate modulo bias and secure password generation best practices. Useful for the busy user needing a hard to guess password for a password manager. Adapted from project to create on my own from the learn javascript path from Scrimba.
TLDR; A web app project for generating secure passwords via Cryptographically Secure Pseudorandom Number Generation (CSPRNG).
Title: SecurePassCraft - a privacy-first password & passphrase generator
Tagline: “In math we trust (for security) ”
App returns:
- Generated password
- default password of 20 characters with symbols, letters (uppercase and lowercase), and numbers.
- length can be changed to use increased or decreased characters
- default password of 20 characters with symbols, letters (uppercase and lowercase), and numbers.
- use of crypto.getRandomValues() in password generation, not Math.random()
- Generate passwords
- Copy password(s) to clipboard with a click
- Responsive UI with color palette
- Rejection sampling to solve issue of modulo bias
- Ability to let user customize how the password is made based on following criteria:
set the length of password otherwise generate with default length- uppercase yes/no
- lowercase yes/no
- numbers yes/no
- symbols yes/no
Copy to clipboard- Entropy score
Generate multiple passwords at once (at least 2)
This project was developed using modern AI-assisted development workflows alongside traditional programming, refactoring, documenting, and debugging practices.
AI tooling was used for:
- code review and refactoring suggestions
- debugging assistance
- Learning-focused approach and vetting LLM output
- Knowledge checks for developer on concepts used in the code
- generating and improving test cases
- accelerating frontend iteration and UI planning
- Defer to resources for understanding specific concepts and room for improvement
The primary focus of this project was understanding and improving the implementation independently while strengthening skills in:
- JavaScript
- Secure password generation
- Web Crypto API usage
- DOM manipulation (Vanilla JavaScript at the moment)
- Frontend architecture (applying responsive web design)
- Secure coding practices
- Git workflows