Browser-only tool
Secure random hex generator
Random hex strings are useful for identifiers, salts, nonces, test fixtures, and token-like values when generated with secure randomness.
Privacy And Limitations
Random bytes are generated locally with the browser Crypto API.
- Token security depends on sufficient length and safe storage, not just random generation.
- Do not expose secret tokens in URLs, logs, screenshots, or client-side source code.
- For production authentication tokens, prefer server-side generation and storage policies.
Related Pages
FAQ
How many random bytes do I need?
For many token-like values, 16 bytes is a reasonable baseline and 32 bytes is stronger. Match length to your threat model.
Is random hex the same as UUID?
No. A UUID has a specific format and version bits. Random hex is raw random bytes represented as hexadecimal text.
Is hex output case-sensitive?
Hex values are byte-equivalent regardless of case, but integrations may enforce formatting conventions such as lowercase only.
Can I use random hex as an API key directly?
You can generate candidate values here, but production API keys should be issued, stored, rotated, and revoked by backend systems.
Why choose 32 bytes over 16 bytes?
Longer random values increase entropy and brute-force resistance, which is helpful for higher-risk tokens or long-lived secrets.