My Tools Garage

Random Salt Generator

Generate cryptographic salts in hex or Base64.

in-browser

How to use

  1. 1 Pick the salt size in bytes (16 bytes / 128 bits is a good default).
  2. 2 Choose an output encoding: hex, Base64 or URL-safe Base64.
  3. 3 Click Regenerate to draw a fresh cryptographically random salt.
  4. 4 Copy the salt and store it alongside the resulting password hash.

About Random Salt Generator

The Random Salt Generator creates cryptographically secure random salts for password hashing and key derivation.

A salt is a block of random bytes that you mix into a password before running it through a hash such as bcrypt, scrypt, Argon2 or PBKDF2.

Because every account gets a different salt, two users who happen to pick the same password end up with completely different stored hashes, which defeats precomputed rainbow tables and makes large-scale cracking far slower.

This tool draws its randomness from the Web Crypto API (crypto.getRandomValues), the same cryptographically strong source browsers use for keys and tokens, so the output is suitable for real security work rather than a predictable Math.random sequence.

You choose the size in bytes — 16 bytes (128 bits) is a sensible default, with 8, 32 and 64 byte options for lighter or heavier requirements — and the encoding you need: lowercase hexadecimal, standard Base64, or URL-safe Base64 without padding for use in tokens and query strings.

Everything runs locally in your browser.

No salt is ever sent over the network, logged or stored, so you can generate values for production systems with confidence.

Click Regenerate as many times as you like to draw a fresh salt instantly.

FAQ

How long should a salt be?

A salt of at least 16 bytes (128 bits) is widely recommended and is the default here. Longer salts add no meaningful cracking resistance but never hurt.

Is this salt cryptographically secure?

Yes. It uses the browser’s Web Crypto getRandomValues, a cryptographically strong random source, not the predictable Math.random generator.

Do I need to keep the salt secret?

No. Salts are not secret — they are stored next to each password hash. Their job is uniqueness, not concealment.