Password generator with secure defaults, async WebCrypto randomness, and optional memorable mode for Node 20+ and modern browsers.
npm install password-generator
password-generator -h
Examples:
password-generator
password-generator -l 30
password-generator -m
password-generator -s
password-generator -s4
password-generator -p "[\d\W\w]" -i
Notes:
-s generates 3 memorable words (3-7 letters) separated by spaces. -sN sets the word count.import { generatePassword } from "password-generator";
const pass = await generatePassword();
Memorable mode:
const pass = await generatePassword(20, true);
With options:
import { generatePasswordWithOptions } from "password-generator";
const pass = await generatePasswordWithOptions({
length: 16,
memorable: false,
pattern: /\d/,
prefix: "foo-",
ignoreSecurityRecommendations: true,
});
Deterministic entropy for tests:
const pass = await generatePasswordWithOptions({
length: 16,
memorable: false,
entropy: "seed",
});
Passphrase mode (memorable words, 3-7 letters each):
const passphrase = await generatePasswordWithOptions({
words: 3,
});
words mode ignores pattern and does not support prefix.
<script type="module">
import { generatePassword } from "./dist/index.js";
const pass = await generatePassword();
console.log(pass);
</script>
By default, the generator enforces a minimum estimated entropy of 64 bits. If your requested settings fall below this threshold, an error is thrown with a recommendation. To bypass the check (for testing or policy-driven constraints), pass ignoreSecurityRecommendations: true.
export type GenerateOptions = {
length?: number;
memorable?: boolean;
pattern?: RegExp;
prefix?: string;
ignoreSecurityRecommendations?: boolean;
entropy?: Uint8Array | string;
words?: number;
};
export async function generatePassword(
length?: number,
memorable?: boolean,
pattern?: RegExp,
prefix?: string,
): Promise<string>;
export async function generatePasswordWithOptions(
options?: GenerateOptions,
): Promise<string>;
generatePassword() is now async. Update your code to await generatePassword().require() is no longer supported. Use ESM import instead.length: 12.ignoreSecurityRecommendations: true is set.bun install
bun run format
bun test --coverage
bun run build:all
bunx playwright install --with-deps chromium
bun run test:browser
bun run test:all
bun run ci:local
bun run publish
ci:local requires act installed locally.
BENCHMARKS.mdCHANGELOG.mdMIT
$ claude mcp add password-generator \
-- python -m otcore.mcp_server <graph>