Skip to main content

    Frequently Asked Questions

    Everything you need to know about SecureTools and how we protect your privacy.

    Do you store my passwords?

    Absolutely not. All password generation happens in your browser using the Web Crypto API. Nothing is ever sent to our servers. You can verify this by checking your browser's network tab (F12 > Network) while using our tools.

    How are the passwords generated?

    We use crypto.getRandomValues(), a cryptographically secure random number generator built into your browser. This is the same technology used by security applications and provides true randomness.

    Is this safe to use for important accounts?

    Our generator produces cryptographically secure passwords. However, we strongly recommend using a password manager to store them securely. We generate passwords; password managers store them.

    What's the difference between a password and passphrase?

    A password is typically a shorter string of random characters (e.g., 'Xk9#mP2$'). A passphrase is a sequence of random words (e.g., 'correct-horse-battery-staple'). Both can be equally secure, but passphrases are often easier to remember.

    Should I use symbols in my password?

    Symbols increase complexity, but length matters more. A 16-character password with just letters and numbers is typically stronger than an 8-character password with symbols. Use what the service allows, prioritizing length.

    How do I know my password isn't being recorded?

    You can verify by checking your browser's network tab (F12 > Network) while using our tools. You'll see no data is transmitted. Our code runs entirely in your browser—nothing leaves your device.

    What's entropy and why does it matter?

    Entropy measures password randomness in bits. Higher entropy = harder to crack. A password with 80+ bits of entropy is considered very strong. Our strength checker shows entropy for any password you test.

    Is it safe to use online password tools?

    Only if they're client-side like ours. Never use tools that send your password to a server. Always check the privacy policy and verify no network requests are made during generation.

    How often should I change my passwords?

    Only change passwords when there's a reason to—like a data breach or suspicion of compromise. Using strong, unique passwords with a password manager is more important than frequent rotation.

    Is it safe to use a password manager?

    Yes, reputable password managers are very secure. They use strong encryption and protect all your passwords with one master password. The risk of weak or reused passwords far outweighs password manager risks.

    What makes a passphrase better than a password?

    Passphrases are easier to remember while being highly secure. A 4-5 word passphrase can have more entropy than a complex 12-character password, and you're more likely to use it without writing it down.

    Can quantum computers break my passwords?

    Not yet, and probably not for many years. Current quantum computers can't break modern encryption. When they can, the industry will have transitioned to quantum-resistant algorithms. Focus on today's best practices.

    Should I use the same password for unimportant accounts?

    No. Even 'unimportant' accounts can be used to gather personal info for social engineering, or as stepping stones to more important accounts. Use unique passwords for everything—a password manager makes this easy.

    Ready to create secure passwords?

    type html> SecureTools — Privacy-First Security Utilities