Password Generator

Privacy Policy

Last updated: March 2026

Password generation

All password and passphrase generation runs entirely in your browser using the Web Crypto API. No generated password, passphrase, or PIN is ever sent to a server or any third party.

  • No generated password is sent to a server.
  • No generated password is stored by default (not in localStorage, not in cookies).
  • Copy uses your browser's Clipboard API; we do not receive clipboard contents.
  • The strength analysis (zxcvbn-ts) runs locally — your input never leaves your device.

Data we store

The only data written to your browser is your theme preference (theme in localStorage), set when you toggle between light and dark mode. No account, session, or tracking data is stored.

Third-party services

InstantPassGen loads the JetBrains Mono typeface from Google Fonts (fonts.googleapis.com / fonts.gstatic.com). This is the only external network request the site makes. Google's font service may log standard request metadata (IP address, browser) per its own privacy policy. No other analytics, tracking scripts, or third-party services are used.

Cookies

We do not set cookies. Your browser may cache font files from Google Fonts as part of normal browser caching behaviour.

Changes to this policy

If this policy changes materially, the "Last updated" date above will be revised. Continued use of InstantPassGen after changes constitutes acceptance of the updated policy.