About PassLab
Who built it, why it exists, how to verify the claims.
The product
PassLab is a password generator that runs entirely inside your browser. It uses the standard Web Crypto API — the same cryptographic primitive your browser uses to negotiate HTTPS — and never transmits the generated value to a server. The website itself runs analytics and may show advertising; the password generator does not.
The author
PassLab is built and maintained by Marcin Lewandowski, a product designer with 20+ years of experience across print, ecommerce, web and UX/UI. I built PassLab because every other password generator either tracked you, required signup, or hid its methodology. None of those are acceptable for a tool people use only when they specifically care about security.
Find me on LinkedIn. Contact: hello@depthia.com.
The legal entity
PassLab is operated by Marcin Lewandowski t/a Depthia, a UK sole trader. Correspondence address: 66 Paul Street, London EC2A 4NA, United Kingdom. ICO data-protection registration ZC164548. For privacy or data-protection enquiries, see the privacy policy.
Our editorial standards
Every per-platform recommendation is checked against the platform's own published policy. Where we cite a breach, attack statistic or crack-time figure, we link to a primary source. Where we cite a standard, we link to it — typically NIST SP 800-63B for entropy and length guidance, or the OWASP Password Storage Cheat Sheet for storage practices. Every per-platform page carries a "Last reviewed" date and is re-checked quarterly.
Verify the claim yourself
Open developer tools, switch to the Network tab, reload any generator page, then click "Generate" as many times as you like — you will see zero outbound requests carrying the generated value. The password is created inside your tab using crypto.getRandomValues().