generate-pw is a lightweight, easy-to-use library that allows you to randomly generate, strengthen & validate cryptographically-secure password(s).

• No external dependencies — Only built-in crypto methods used for secure randomization
• Highly customizable — Specify length, quantity, charsets to use, etc.
• Multi-environment support — Use in Node.js or the web browser
• Command line usable — Just type generate-pw, that's it

As a global utility:

$ npm install -g generate-pw

As a runtime dependency, from your project root:

$ npm install generate-pw

import * as pw from 'generate-pw';

const pw = require('generate-pw');

<script src="https://cdn.jsdelivr.net/npm/generate-pw@1.5.10/dist/generate-pw.min.js"></script>

(async () => {
    await import('https://cdn.jsdelivr.net/npm/generate-pw@1.5.10/dist/generate-pw.min.js');
    // Your code here...
})();

...
// @require https://cdn.jsdelivr.net/npm/generate-pw@1.5.10/dist/generate-pw.min.js
// ==/UserScript==

// Your code here...

💡 Note: To always import the latest version (not recommended in production!) remove the @1.5.10 version tag from the jsDelivr URL: https://cdn.jsdelivr.net/npm/generate-pw/dist/generate-pw.min.js

Generates one password if qty option is not given, returning a string:

const password = pw.generatePassword({ length: 11, numbers: true });
console.log(password); // sample output: 'bAsZm3mq6Qn'

...or multiple passwords if qty option is given, returning an array of strings:

const passwords = pw.generatePassword({ qty: 5, length: 8, symbols: true });
console.log(passwords);

/* sample output:

generatePassword() » Generating passwords...
generatePassword() » Passwords generated!
generatePassword() » Check returned array.
[ '!zSf@Q.s', '!,HT\\;m=', '?Lq&FV>^', 'gf}Y;}Ne', 'Stsx(GqE' ]
*/

💡 Note: If no options are passed, passwords will be 8-chars long, consisting of upper/lower cased letters.

See: Available options

Generates multiple passwords based on qty given, returning an array of strings:

const passwords = pw.generatePasswords(5, { length: 3, uppercase: false });
console.log(passwords);

/* sample output:

generatePasswords() » Generating passwords...
generatePasswords() » Passwords generated!
generatePasswords() » Check returned array.
[ 'yilppxru', 'ckvkyjfp', 'zolcpyfb' ]
*/

💡 Note: If no qty arg is passed, just one password will be generated, returned as a string.

See: Available options

Modifies password given to use at least one character of each requiredCharTypes element passed, returning a string:

const strictPW = pw.strictify('abcdef', ['numbers', 'symbols']);
console.log(strictPW); // sample output: 'a!c2ef'

💡 Note: If no requiredCharTypes array is passed, all available types will be required.

Available requiredCharTypes are: ['number', 'symbol', 'lower', 'upper']

Available options (passed as object properties):

Validates the strength of a password, returning an object containing:

• strengthScore (0–100)
• recommendations array
• isGood boolean (true if strengthScore >= 80)

Example:

const pwStrength = pw.validateStrength('Aa?idsE');
console.log(pwStrength);

/* outputs:

validateStrength() » Validating password strength...
validateStrength() » Password strength validated!
validateStrength() » Check returned object for score/recommendations.
{
  strengthScore: 60,
  recommendations: [
    'Make it at least 8 characters long.',
    'Include at least one number.'
  ],
  isGood: false
}
*/

Available options (passed as object properties):

Any of these can be passed into the options object for each generate*() function:

When installed globally, generate-pw can also be used from the command line. The basic command is:

$ generate-pw

Parameter options:
 --length=n                  Generate password(s) of n length.
 --qty=n                     Generate n password(s).
 --charset=chars             Only include chars in password(s).
 --exclude=chars             Exclude chars from password(s).

Boolean options:
 -n, --include-numbers       Allow numbers in password(s).
 -y, --include-symbols       Allow symbols in password(s).
 -L, --no-lowercase          Disallow lowercase letters in password(s).
 -U, --no-uppercase          Disallow uppercase letters in password(s).
 -S, --no-similar            Exclude similar characters in password(s).
 -s, --strict                Require at least one character from each
                             allowed character set in password(s).
 -q, --quiet                 Suppress all logging except errors.

Info commands:
 -h, --help                  Display help screen.
 -v, --version               Show version number.

Copyright © 2024 Adam Lui & contributors.

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Randomly generate, format, and validate IPv4 + IPv6 + MAC addresses.
Install / Readme / API usage / CLI usage / Discuss

Fetch IP geolocation data from the CLI.
Install / Readme / CLI usage / API usage / Discuss

More JavaScript utilities / Discuss / Back to top ↑