About PassForge

Online security should not require trusting yet another service with your sensitive data. That was the frustration that led to PassForge.

Most password tools on the web ask you to type your password into a form and hope for the best. Some claim they do not store your data — but you have no way to verify that. We thought the whole approach was backwards. Instead of promising not to look at your passwords, we built tools that make it technically impossible for us to see them. Every computation runs locally in your browser, using JavaScript and WebAssembly. There is no server-side processing, no database, and no API call that ever carries your secrets.

PassForge started as a single password generator and grew into a suite of 15 security tools: password and passphrase generators, strength analyzers, hash generators powered by Argon2 and bcrypt via WASM, a breach checker that uses the k-anonymity protocol, a JWT decoder, a TOTP generator, EXIF metadata stripping, and more. Every tool follows the same rule — your data stays on your machine.

We believe that the best security tool is one you do not have to trust. Open the page, use the tool, close the tab. Nothing lingers, nothing phones home. That is the experience we are building.

PassForge is free and supported by ads. If you find it useful, the best thing you can do is share it with someone who needs better passwords.