How PassGen Works

Password generation, sharing, key generation, and key sharing — with the security model behind each flow.

Password generation

Passwords are generated in your browser using a local word list and cryptographically secure randomness (Web Crypto).

  • No password generation request is sent to the server.
  • Word list data is cached locally in your browser for performance.
  • You control length, separator, numbers, and special characters client-side.

Password sharing

When you choose to share, the password is encrypted on the server with AES-GCM and stored as a one-time secret.

  • The share URL contains both IDs required for decryption, including the salt, which is not stored on the server.
  • View counters are decremented atomically to prevent race-condition double views.
  • Each shared password is intended for one successful view/decryption, then it is deleted.

Key generation

SSH/Git key pairs are generated in your browser using Web Crypto.

  • Private keys are created and kept on your device.
  • Private keys are never uploaded to PassGen.

Key sharing

Key sharing uses a pending-share flow designed so recipients generate their own private key locally.

  • Sender creates a pending key-share link with algorithm/purpose metadata.
  • The recipient opens the link and generates a key pair in the browser.
  • Only the recipient's public key is submitted and stored.
  • Recipient private key is downloaded locally and not sent to the backend.

Security assumptions and limits

  • A compromised browser/device can still leak secrets.
  • PassGen cannot read private keys, and shared passwords are encrypted with a salt that is only present in the share link (without the full link, decryption is not possible).