—
The HMAC is computed locally via the Web Crypto API. Key and message bytes never leave the browser. Both inputs are treated as UTF-8 text.
All processing runs in your browser — no files or inputs are uploaded to a server.
Related tools
Password Generator
SecurityGenerate strong random passwords with adjustable length and character sets — fully client-side, with entropy and strength readout.
TOTP / 2FA Code Generator
SecurityGenerate time-based one-time passwords (RFC 6238) compatible with Google Authenticator and 1Password. Paste a base32 secret or otpauth:// URL — codes update live, fully in-browser.
RSA Key Pair Generator
SecurityGenerate an RSA public / private key pair in PEM format (PKCS#1 or PKCS#8). Useful for JWT signing keys, SSH testing, and one-off encryption — for production keys, use OpenSSL.
JSON Formatter
DeveloperFormat and validate JSON. Indented or minified output, with clear error messages.