API Tools

Generate cryptographically secure random passwords with customizable character sets.

Hash passwords using bcrypt, argon2, or scrypt with configurable parameters.

Analyze password strength with scoring, crack time estimates, and improvement suggestions.

Verify a plaintext password against a bcrypt, argon2, or scrypt hash.

Decode a JWT token without signature verification to inspect its contents.

Generate signed JSON Web Tokens with HMAC or RSA/EC algorithms.

Verify and decode a JWT token using a secret key or public key.

Generate TOTP secrets with QR codes for two-factor authentication setup.

Verify time-based one-time passwords with configurable clock drift tolerance.

Generate random API keys, UUIDs, nanoids, or secret tokens.

Generate RSA or EC asymmetric keypairs in PEM format.

Decrypt AES-256-GCM encrypted ciphertext back to plaintext.

Encrypt plaintext strings using AES-256-GCM authenticated encryption.

Decode standard or URL-safe Base64 strings back to plaintext.

Encode strings to standard or URL-safe Base64.

Encode or decode strings using Base64, URL, HTML entities, hex, or ASCII85.

Compute cryptographic hashes using SHA-256, SHA-512, BLAKE2b, and more.

Verify HMAC signatures using constant-time comparison to prevent timing attacks.

Generate HMAC signatures for message authentication using SHA-256/384/512.

Heuristic spam scoring for form submissions and user-generated content.