Password Generator
vaultctl includes a built-in password generator that creates strong, random passwords entirely in your browser.
How It Works
The generator uses crypto.getRandomValues(), the browser's cryptographically secure random number generator. No passwords are sent to or generated on the server.
Options
| Option | Range / Values | Default |
|---|---|---|
| Length | 8 -- 128 characters | 20 |
| Lowercase (a-z) | On / Off | On |
| Uppercase (A-Z) | On / Off | On |
| Digits (0-9) | On / Off | On |
| Symbols (!@#$%^&* etc.) | On / Off | On |
You must enable at least one character set. The generator updates the preview in real time as you adjust the options.
Using the Generator
From the Generator Page
- Open the Password Generator from the sidebar or the tools menu.
- Adjust the length slider and toggle character sets.
- Click Copy to copy the generated password to your clipboard.
- Click Regenerate (the refresh icon) to create a new password with the same settings.
From the Login Item Editor
When creating or editing a login item:
- Click the Generate button (the dice icon) next to the password field.
- The generator panel opens with your current settings.
- Adjust options if needed.
- Click Use This Password to fill the password field with the generated value.
The password is automatically saved when you save the item.
Your generator settings (length, character sets) are remembered in local storage so they persist across sessions.
Security Notes
- Passwords are generated using
crypto.getRandomValues(), which draws from the operating system's entropy source. - The generated password never leaves your browser unless you explicitly save it in a vault item.
- Copied passwords are automatically cleared from your clipboard after 30 seconds.