Security Practices
Our browser-based cryptography methodology, network transmission boundaries, and responsible vulnerability reporting parameters.
This page details our platform security practices. As a local utility provider, our security model focuses on keeping your execution boundary confined entirely to your local device.
1. Cryptographic Standards
Passwords and UUID values use secure browser APIs, preventing predictable sequences.
For secure random operations, we never use `Math.random()`, which is pseudo-random and vulnerable to predictive modeling. All secure keys are computed locally using the standard `crypto.getRandomValues()` browser utility, which taps into the operating system's hardware entropy.
2. Network Isolation
Generated values are never sent over the network to any database or logging server.
The values produced by our Password Generator, Barcode Generator, and QR Code Generator are generated in local state memory. No network packets containing these outputs are created or sent, ensuring they cannot be intercepted by third parties.
3. Infrastructure & SSL
We host on Cloudflare's secure edge network, using modern TLS encryption protocols.
GeneratorBrain is served via Cloudflare's globally distributed content network. We enforce HTTPS using TLS 1.3 to ensure that the static assets loaded in your browser are untampered with and safe to execute.
4. Responsible Disclosures
If you find a security bug, disclose it privately. We do not run a paid bug bounty, but we act immediately.
Security research is critical. If you discover a vulnerability, please send a detailed email to security@generatorbrain.com. We acknowledge submissions within 48 hours and work to patch verified bugs as a top priority.