🔒 Security & Authentication Tools
Hash, encrypt, generate keys, and decode tokens. Security tools that never touch a server.
Security tools that process sensitive data on a remote server defeat their own purpose. A password generator that sends your new password to an API, or a JWT decoder that transmits your authentication token to a third party, introduces risk instead of reducing it. Every security tool in BoltQuickTools runs entirely in your browser using the Web Crypto API and JavaScript. Your passwords, hashes, keys, and tokens never leave your device.
Hashing and Integrity Verification
The Hash Generator produces MD5, SHA-1, SHA-256, and SHA-512 digests for both text input and uploaded files. Use it to verify file integrity after downloads, compare checksums provided by software distributors, or generate hashes for password storage workflows. The HMAC Generator signs messages with a shared secret using SHA algorithms and is useful for webhook validation, API request signing, and authentication testing. Both tools compute signatures directly in your browser with no data upload.
Password and Identifier Generation
Strong passwords are the first line of defense for any account. The Password Generator creates cryptographically random passwords with customizable length, character sets (uppercase, lowercase, digits, symbols), and exclusion rules. It shows entropy scores so you can gauge the strength of each generated password. The UUID Generator creates version 4 (random), version 7 (time-ordered), ULID, and Nano ID identifiers. These are essential for database primary keys, distributed systems, session tokens, and any context where globally unique identifiers are needed.
Token and Certificate Inspection
The JWT Decoder parses JSON Web Tokens into their three components: header, payload, and signature. It displays all standard claims (issuer, subject, audience, expiration, issued-at) in a readable format and highlights expired tokens. The Basic Auth Header Generator builds and decodes Authorization headers for quick API testing during integration work. These tools are indispensable for debugging OAuth flows, API authentication, and single sign-on integrations. The SSL Certificate Decoder parses PEM-encoded X.509 certificates, showing the subject, issuer, Subject Alternative Names (SANs), validity dates, public key details, and fingerprints. It helps you verify certificate chains, check expiration dates, and diagnose TLS configuration issues.
Key Generation
The SSH Key Generator creates RSA and ECDSA key pairs directly in your browser, outputting both OpenSSH and PEM formats. You can generate keys for development environments, CI/CD pipelines, or temporary access without installing any command-line tools. Since the keys are generated locally, the private key never passes through any network connection.
Hash Generator
Generate MD5, SHA-1, SHA-256, SHA-512 hashes for text and files.
LiveHMAC Generator
Generate HMAC-SHA1, SHA256, SHA384, and SHA512 signatures with hex or Base64 output.
LiveBasic Auth Header Generator
Create and decode HTTP Basic Authorization headers from username and password values.
LivePassword Generator
Generate strong, secure passwords with customizable length and character sets.
LiveJWT Decoder
Decode JSON Web Tokens. View header, payload, claims, and expiration.
LiveUUID Generator
Generate UUID v4, v7, ULID, and Nano IDs. Bulk generation with one click.
LiveSSL Certificate Decoder
Decode PEM certificates. View subject, issuer, SANs, expiration, fingerprints, and chain.
LiveSSH Key Generator
Generate RSA and ECDSA key pairs in your browser. OpenSSH and PEM format output.
Live