You can download this page and its dependencies as a zip archive and run it from your local hard drive. Simply expand the zip archive and open passwordmaker.html in a browser.

Profile	New Profile Default
Input Url
Master password
Use l33t	not at all before generating password after generating password before and after generating password
l33t Level	1 2 3 4 5 6 7 8 9
Hash Algorithm	MD4 HMAC-MD4 MD5 MD5 Version 0.6 HMAC-MD5 HMAC-MD5 Version 0.6 SHA-1 HMAC-SHA-1 SHA-256 HMAC-SHA-256 HMAC-SHA-256 Version 1.5.1 RIPEMD-160 HMAC-RIPEMD-160
URL Components	Protocol Subdomain(s) Domain Port, path, anchor, query parameters
URL
Length of Generated Password
Username
Modifier
Characters	Edit Character Set ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789`~!@#$%^&*()_-+={}|[]\:";'<>?,./ ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 0123456789abcdef 0123456789 ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz `~!@#$%^&*()_-+={}|[]\:";'<>?,./ Two character minimum required
Password Prefix
Password Suffix
Generated Password	Make password invisible (Highlight to view)

• Internet Explorer 5.0, 5.5, 6.0, 7.0
• Safari 1.3, 2.0, 3.1
• Firefox 1.0.x, 1.5 beta, 2.0, 3.0
• Mozilla 1.7.5
• Opera 7.54u2
• Netscape 7.2, 8.0
• Konqueror 3.3 (without cookie support)
• Maxthon Browser 1.3.1
• Flock 0.5

We haven't found any modern browser with which this page doesn't work. If you've tried this page with another browser or browser version, please let us know!
This page uses only javascript and html to generate passwords. There is no form submission -- purposefully -- so there is no way for the server to see or store your passwords (including the master). It would be a security risk to send passwords over an HTTP (not HTTPS) connection, and also to store them whatsoever (even encrypted) on a server; not to mention a violation of your privacy.

All settings except the master password are stored on your local PC as a cookie, so the settings will be the same next time you visit this page. If you'd like to store the master password also, check the Save master password checkbox. The master password will then be stored encrypted as an cookie on your local machine. Saving the master password, even though it's encrypted with AES encryption, is not completely secure; you are sacrificing some security for convenience. Theoretically, a hacker could determine your master password if he:

• Could access the encrypted master password and key, stored as cookies, on your PC
• Knew to use AES-256 to decrypt the master password

Even then, a hacker wouldn't be able to use the master password to login anywhere if you only use generated passwords for your passwords. Moreover, a succesful login to any system also requires a username.

In any case, if this security risk concerns you, you shouldn't check the "Save master password" checkbox. If you've checked it by mistake, simply clear your cookies or, alternatively, uncheck the Save master password box and navigate away from this page. This forces an empty value to be stored for the master password.