Free encryption key generator
Generate an AES-256 encryption key or a random secret in your browser. The Web Crypto API creates the key on your device and it never crosses the network. You never create an account, and reloading the page discards the key.
Copied to clipboard
How the encryption key generator works
Runs entirely in your browser
Choose the key size and format
Pick an AES-128, AES-192, or AES-256 key, or switch to a random secret for an API key or session token, and choose hex, Base64, or alphanumeric output.
Generate the key
Your browser's Web Crypto API creates the key and exports its raw bytes. The randomness underneath is your operating system's cryptographically secure generator.
Copy it into your secrets manager
Paste the key into an environment variable or a secrets manager. It never transits the network, so it cannot be intercepted in flight or logged by a server that generated it for you.
Private by design: nothing leaves your browser
Many online key generators build the key on their server and send it back over the wire. At that point the key has been outside your control, and you have no way to know whether it was logged. This one never makes a network request:
100% client-side
The key is generated on your device with the browser's Web Crypto API. No request is made when you click Generate.
Nothing stored or logged
No account, no analytics on what you generate, no history. Reload the page and the key is gone.
Open and verifiable
Keys come from the browser's Web Crypto API, the same standard, audited primitive the browser uses for real encryption. No custom-rolled cryptography, and never an ordinary, predictable random number function.
What the generator guarantees
- AES keys are produced by the Web Crypto key generator, not by hashing a passphrase or a timestamp.
- Random secrets draw from the browser's Web Crypto API, seeded by the operating system.
- Alphanumeric output uses rejection sampling, so no character in the set is more likely than another.
- Hex and Base64 are encodings of identical bytes, so the format you pick never weakens the key.
Built for developers and security-conscious teams
Developers and teams who need key material that no third party has ever held. It is the same principle behind BlockSurvey's zero-knowledge surveys keys live on the device, so the server has nothing worth stealing.
Developers
Create AES keys for at-rest encryption, JWT signing secrets, and API keys without pasting them into a stranger's server first.
Security & IT teams
Rotate service credentials and seed a secrets manager, with the key size and entropy documented on screen for your change ticket.
Privacy-conscious users
Generate a key for disk or backup encryption on a machine that is offline, using the secure password generator for the passphrase that protects it.
Building something that handles sensitive data?
BlockSurvey runs on zero-knowledge surveys, so the responses you collect are never sold or mined. Your respondents' answers are encrypted on their own devices, just as this key never leaves yours.