random string generator

How to use the random string generator

  1. Pick a length between 1 and 256 characters — 16+ is typical for API tokens, 24+ for secure secrets.
  2. Toggle the charsets you need: uppercase, lowercase, digits, symbols, hex, or base64. Combine freely or add custom characters.
  3. Set the count (1-1000) to bulk-generate strings in one click.
  4. Enable 'Exclude ambiguous' if humans will transcribe the strings — it skips O/0/l/1/I.
  5. Choose an output format: one per line, JSON array, or CSV row. Click Generate, then copy all or copy individually.

When to use it

Use it whenever you need non-password random strings: API keys for side projects, test data for database seeding, session IDs, unique filenames, CSRF tokens, or invite codes. For account passwords aimed at humans, the password generator gives you a strength meter; for cryptographic secrets that no one memorizes, this tool's hex and base64 modes are more appropriate. Alternative: rolling `crypto.randomUUID()` or `openssl rand -base64 24` in a terminal, but the bulk + CSV output here is faster for seeding dev fixtures.

Frequently asked questions

Is the random string generator cryptographically secure?
Yes. It uses the browser's Web Crypto API (`crypto.getRandomValues`), which is seeded from OS entropy and suitable for tokens, session IDs, and API keys.
What length should my random strings be?
16 chars covers most app-level tokens. 24-32 chars with mixed-case and digits gives ~128 bits of entropy — adequate for cryptographic secrets. Hex secrets usually want 32 or 64 chars for 128/256-bit keys.
Can I generate URL-safe random strings?
Yes — disable symbols and enable the Base64 charset, or add custom characters like `-_`. Hex mode is always URL-safe.
Why would I exclude ambiguous characters?
O vs 0 and l vs 1 vs I look identical in many fonts. If a user will read the string aloud or type it from a screen, excluding them cuts transcription errors in half.
How is this different from the password generator?
The password generator focuses on human-usable passwords with a strength meter. The random string generator is charset-first, supports hex/base64/custom alphabets, and bulk-outputs to JSON or CSV — better for generating fixtures, seed data, and machine-readable tokens.
Can I export the generated strings to a file?
Switch to JSON or CSV format and copy the output; paste into a .json or .csv file. All generation is client-side, so nothing is uploaded.

Related tools

Last updated: 2026-04-24