Skip to main content

string-generator

A string generator produces random sequences of characters β€” useful for IDs, tokens, test fixtures, password seeds, sample data. Configurable parameters: length, charset (alphanumeric, hex, base64, custom), count, prefix / suffix, optional separators. The ZTools String Generator runs in the browser, supports cryptographically-secure random (via crypto.getRandomValues) for tokens that need real entropy, plus a deterministic seed mode for reproducible tests.

Use cases​

Generate test fixtures​

100 random IDs as test data. Predictable charset (alphanumeric), fixed length (16) β€” looks like real IDs without being real.

Seed dev passwords / tokens​

Need a 32-char hex token for a local API key. Generator produces it instantly with cryptographic entropy.

Generate unique test usernames​

For load testing, 1000 unique usernames with prefix "test_" + 10 random alphanumeric.

Custom-charset codes​

Voucher codes from charset "ABCDEFGHJKLMNPQRSTUVWXYZ23456789" (excludes confusing 0/O, 1/I) β€” 8 chars long.

How it works​

  1. Pick length and count β€” Single string or batch (1 to 100,000).
  2. Pick charset β€” Alphanumeric, hex, base64-url, alphabetic, numeric, custom (paste your own char list).
  3. Pick RNG β€” Math.random (fast) or crypto.getRandomValues (cryptographically secure β€” slower but for real tokens).
  4. Configure prefix / suffix / separator β€” Optional. E.g. prefix "test_", separator "-" every 4 chars: test_a3F9-2B1C-...

Examples​

Input: 16 hex chars Γ— 5

Output: a3f9e2b13d0c8d12, 7c0d8d12e4f1a022, b8c2d4e6f0a1b3c5, ... (5 unique strings).

Input: 32 alphanumeric, crypto RNG

Output: Suitable as a session token. Decodes to 192 bits of entropy (close to a UUID v4).

Input: Voucher charset, 8 chars Γ— 100

Output: 100 voucher codes like "K7P9X2VJ" β€” no ambiguous chars (0/O / 1/I).

Frequently asked questions​

Math.random vs crypto?

Math.random is pseudo-random (predictable seed). crypto.getRandomValues sources from the OS's CSPRNG. For test data, Math.random is fine. For tokens / passwords / session IDs, use crypto.

How much entropy do I need?

Session tokens: 128+ bits (16 hex chars or 22 base64 chars). API keys: 256 bits. Voucher codes: 40+ bits is usually enough (8 chars from a 32-char alphabet β‰ˆ 40 bits).

Can I exclude ambiguous chars?

Yes β€” preset for "no ambiguous" (excludes 0/O, 1/I/l) is built in. Or paste a custom charset.

Privacy?

All in browser.

Tips​

  • For real tokens, always use crypto RNG. The performance difference is negligible at typical scale.
  • For voucher / coupon codes, exclude 0/O/1/I/l β€” humans confuse them and complaints multiply.
  • For UUIDs specifically, use a UUID generator β€” RFC 4122 specifies the format, including version bits.
  • For seeded reproducibility, use Math.random with a seed β€” crypto RNG is non-reproducible by design.

Try it now​

The full string-generator runs in your browser at https://ztools.zaions.com/string-generator β€” no signup, no upload, no data leaves your device.

Open the tool β†—

Last updated: 2026-05-06 Β· Author: Ahsan Mahmood Β· Edit this page on GitHub