Random String & Secure Token Generator (Online) Generate random strings and tokens.
100% offline
Length
Count
Characters24 chars per token from the selected classes, unbiased crypto sampling.
Generated
Choose your options, then Generate.

About Random String & Secure Token Generator (Online)

This free random string generator builds tokens from any mix of lowercase letters, uppercase letters, digits, and symbols — at any length, one at a time or in bulk. It is ideal for API keys, secrets, passwords, salts, and test fixtures, and it can also emit raw random bytes as hex or base64 when you need a binary token rather than a readable one.

Every value is sampled with your browser's cryptographically-strong randomness (the Web Crypto API), using rejection sampling so each character is uniformly likely with no modulo bias. Generation happens entirely on your device — nothing you create is ever sent to a server, which makes this random token generator safe to use for real secrets.

Features

  • Pick any character set: lowercase, uppercase, digits, and symbols
  • Any length up to 1024, and bulk generation up to 1000 at once
  • Raw-byte output as hex or base64 for binary tokens
  • Crypto-strong, unbiased randomness via the Web Crypto API, fully offline

How to use

  1. Choose an output format: characters, hex, or base64.
  2. Set the length (or byte count) and how many strings to generate.
  3. Toggle the character classes you want, then press Generate.
  4. Copy a single token, or use Copy all to grab the whole list.

Frequently asked questions

Are these random strings secure enough for secrets?

Yes. Randomness comes from crypto.getRandomValues in your browser, the same cryptographically-strong source used for keys and nonces. Sampling uses rejection to avoid modulo bias, so every character is uniformly likely.

How long should a token be?

For secrets, aim for at least ~128 bits of entropy. A 22-character string over a 62-character alphabet (letters + digits) is roughly 130 bits. For hex or base64, 16+ random bytes is a common, strong choice.

What is the difference between the character and hex/base64 modes?

Character mode samples from the alphabet you toggle, giving readable tokens. Hex and base64 modes encode raw random bytes — the length field then counts bytes, so a 16-byte hex token is 32 characters long.

How is this different from a password generator?

A password generator optimizes for memorable, typeable human passwords. This tool generates raw random strings and tokens — API keys, secrets, salts, and hex or base64 byte strings — for machines and config, where length and entropy matter more than readability.

Is anything sent to a server?

No. Everything runs locally in your browser and works offline. Generated strings never leave your device.

Related tools

Nano ID Generator – Short, URL-Safe Unique IDs Generate compact, URL-safe Nano IDs. Strong Password & Passphrase Generator – Diceware Generate strong passwords or memorable passphrases. UUID Generator — v4, v7, GUID & ULID Online (Bulk) Generate RFC-4122 v4 identifiers

Everything runs locally in your browser — your input is never uploaded.