Password Pepper Builder
Generates a strong string (32-128 bytes) in base64/hex/base64url for use as a server-side pepper in password hashing. Shows entropy and OWASP tips.
O que é um pepper? String fixa do servidor (não armazenada no banco) misturada à senha antes do hash (bcrypt/argon2). Diferente do salt, é mantida em segredo no app/HSM.
Recomendações OWASP: mínimo 32 bytes (256 bits), armazenado em KMS/Vault/var de ambiente — nunca no repositório. Rotacione com versionamento (ex: v1:bcrypt(...)).
Related Tools
Password Generator
Generate strong, random passwords with custom length, uppercase letters, numbers and symbols. Generated in the browser — no data leaves your device.
Encrypt Text
Apply classic ciphers (Caesar, ROT13, Atbash) or Base64. Useful for puzzles, CTFs and testing — do not use for real security.
Password Strength Checker
Check the strength of a password with entropy calculation, common-password check and improvement tips. Runs in your browser — no data is sent.