lock

Random Password

Operational

Generate verifiable cryptographic passwords with entropy assessment, backed by drand

API Overview

Each password is generated by mapping drand beacon randomness onto a chosen character set using rejection sampling — guaranteeing uniform character selection with no modulo bias. Supported charsets include alphabetic, alphanumeric, alphanumeric+symbols, hex, and base64. The response includes an entropy-bits score so you can verify the password strength programmatically. Characters can be excluded (e.g. ambiguous characters like O, 0, l, 1) for human-readable passwords.

lock

Five Charsets

Choose from alpha, alphanumeric, alphanumeric+symbols, hex, or base64 depending on your use case.

shield

Entropy Scoring

Every response includes entropy-bits so you can enforce minimum strength thresholds programmatically.

verified

Bias-Free Generation

Rejection sampling over drand randomness guarantees uniform character selection with no modulo bias.

speed

Batch Up to 20

Generate up to 20 passwords per call — efficient for bulk account provisioning.

integration_instructions API Reference

data_object openapi.json open_in_new Swagger UI

data_object

OpenAPI Spec

openapi.json

open_in_new

description

Swagger UI

Interactive API explorer

open_in_new

GET /api/random/password

Body Parameters

Parameter	Type	Required	Description
`length`	integer	No	Password length (8–128, default 32)
`charset`	string	No	alpha \| alphanumeric \| alphanumeric+symbols \| hex \| base64
`count`	integer	No	Number of passwords (1–20, default 1)
`exclude`	string	No	Characters to exclude (URL-encoded), e.g. O0lI

terminal API Playground

Live Simulation

length (integer)

charset (string)

count (integer)

exclude (string)

import requests

url = "https://random.picopayd.codefission.co.uk/api/random/password"
params = {"length": 32, "charset": "alphanumeric+symbols", "count": 2}
headers = {"X-PAYMENT": "<402-payment-token>"}

response = requests.get(url, params=params, headers=headers)
print(response.json())

const params = new URLSearchParams({ length: 32, charset: 'alphanumeric+symbols', count: 2 });
const response = await fetch(
  `https://random.picopayd.codefission.co.uk/api/random/password?${params}`,
  { headers: { "X-PAYMENT": "<402-payment-token>" } }
);
const data = await response.json();
console.log(data);

curl "https://random.picopayd.codefission.co.uk/api/random/password?length=32&charset=alphanumeric%2Bsymbols&count=2" \
  -H 'X-PAYMENT: <402-payment-token>'

Response Body 200 OK

{
  "passwords": ["k#9Lm$2pQr!xW7vZ@T5nB&8cY3eH"],
  "length": 32,
  "charset": "alphanumeric+symbols",
  "entropyBits": 198.1,
  "proof": {
    "round": 21543892,
    "signature": "95a9...",
    "chainHash": "52db9b...",
    "timestamp": "2026-03-20T10:00:00Z"
  }
}