password-generator

Helps you Generate Passwords

🔐 Password Generator & Compliance Actor

Generate secure, policy-driven passwords at scale with enterprise-ready defaults, hashing, entropy scoring, rotation metadata, and export support — all in a single Apify Actor run.

This Actor is designed for:

• Developers
• DevOps & CI/CD pipelines
• Security & IAM teams
• Regulated environments (enterprise IT, banking, government)

---

✨ Key Features

• 🛡 Security presets (Personal, Enterprise, Banking, Government, Vault-Safe)
• 🔐 Cryptographically secure password generation
• 🔢 Bulk password generation (hundreds or thousands per run)
• 🧮 Entropy calculation & strength classification
• 🔑 Hashing support (bcrypt / SHA-256)
• 🚫 Hash-only / vault-safe mode (no plaintext output)
• 🔁 Password rotation metadata
• 📄 CSV / TXT / JSON export
• ⚙️ Automation & CI/CD friendly
• 💰 Simple pay-per-run pricing

---

🧠 How It Works

1. Select a security preset
2. (Optional) Override with advanced options
3. Passwords are generated using cryptographically secure randomness
4. Optional hashing, entropy scoring, and rotation metadata are applied
5. Results are returned as structured output

The Actor is stateless:

• No passwords are persisted
• No secrets survive the run
• No external services are contacted by default

---

📥 Input Configuration

Due to Apify platform constraints, inputs are flattened and validated at runtime.

🔹 Common Inputs

Field	Description
preset	Security preset to apply
count	Number of passwords to generate
passwordLength	Length of each password

---

🔹 Advanced Inputs

Field	Description
entropyEnabled	Enable entropy & strength calculation
hashingEnabled	Enable password hashing
hashingAlgorithm	bcrypt or sha256
hidePlaintext	Suppress plaintext passwords
rotationEnabled	Add rotation metadata
rotationDays	Rotation interval in days
exportFormat	json, csv, or txt

💡 Presets apply secure defaults. Advanced options override preset behavior when specified.

---

🛡 Security Presets

Preset	Intended Use
personal	Individual or low-risk use
enterprise	Corporate & internal systems
banking	Higher entropy & stricter policies
government	Maximum entropy & rotation
vaultSafe	Hash-only, no plaintext output

Presets are enforced contracts, not suggestions. Invalid combinations fail fast.

---

📤 Output Format

Each Actor run produces a structured JSON result.

Top-level structure

{
  "metadata": { ... },
  "passwords": [ ... ],
  "export": "optional"
}

---

🔹 metadata

Field	Description
preset	Applied security preset
timestamp	ISO-8601 run timestamp
count	Number of passwords generated

---

🔹 passwords[]

Each entry represents one generated credential.

Field	Description
id	Sequential identifier
password	Plaintext password (omitted in hash-only mode)
hash	bcrypt or SHA-256 hash
entropy	Calculated entropy score
strength	Strength classification
rotateAfter	Recommended rotation date

🔐 In hash-only / vault-safe mode, plaintext passwords are never returned.

---

🔹 export

Optional CSV or TXT export content when requested.

---

📦 Data Storage

• Dataset: One record per Actor run (structured JSON)
• Key-Value Store: Optional, used only when integrations are enabled

By default, no additional storage keys are created.

---

🔌 Optional Integrations (Enterprise & Automation)

By default, this Actor is intentionally minimal and secure:

• Results are returned via the Apify Dataset
• No external systems are contacted
• No data leaves Apify unless explicitly configured

This keeps the Actor:

• Secure by default
• Easy to audit
• Predictable to operate

---

Available Optional Integrations

The following integrations can be enabled on demand for automation or enterprise workflows:

🔑 Key-Value Store Exports

• Store outputs under named keys

• Retrieve files directly via Apify API

• Useful for:

  • Large CSV / TXT exports
  • Direct download links
  • Downstream automation

🔔 Webhook Automation

• Receive notifications when runs succeed or fail
• Trigger CI/CD, provisioning, or vault ingestion workflows
• Webhook payloads include run metadata and storage identifiers

🔐 Passwords are never sent directly in webhook payloads. Downstream systems must explicitly fetch data using Apify API credentials.

---

Security-First Integration Design

Optional integrations are disabled by default to minimize attack surface.

When enabled:

• Hash-only / vault-safe mode is strongly recommended
• Plaintext output can be fully suppressed
• No outbound data transfer occurs without explicit configuration

This aligns with zero-trust and compliance-first environments.

---

💼 Enterprise & Paid Integrations

Optional integrations are treated as enterprise features.

They are intended for:

• CI/CD pipelines
• Identity & access management systems
• Secrets managers
• Regulated production environments

Integration features may require:

• Explicit enablement
• Additional configuration
• Enterprise pricing tier

This ensures:

• Predictable costs
• Controlled usage
• Dedicated support when required

---

💰 Pricing

Pricing model

Pay per run

Price

$0.03 USD per run

One run can generate hundreds or thousands of passwords, making the effective cost per credential extremely low.

---

Example costs

Usage	Runs	Cost
Development testing	10	$0.30
Nightly CI/CD rotation	30	$0.90
HR onboarding (500 users)	1	$0.03

---

🔐 Security & Compliance Notes

• Cryptographically secure randomness
• No password persistence
• No logging of secrets
• Hash-only / vault-safe mode supported
• Designed for auditability and automation

⚠️ This Actor generates credentials but does not store or manage them long-term. It is not a password manager.

---

🚫 What This Actor Does NOT Do

• ❌ No live HTTP server
• ❌ No streaming or long-running processes
• ❌ No automatic vault writes
• ❌ No password recovery

These exclusions are intentional for security and predictability.

---

⚙️ Automation & CI/CD

The Actor integrates cleanly with:

• Apify API
• Webhooks (optional)
• GitHub Actions
• CI/CD pipelines
• Internal provisioning systems

One API call = one run = predictable billing.

---

🧩 Versioning & Stability

• Output fields are backward-compatible
• New fields may be added
• Breaking changes only occur in major versions

---

🏁 Summary

Generate secure, policy-driven credentials at scale — safely, predictably, and affordably.

This Actor is ideal when you need:

• Automation
• Compliance
• Strong defaults
• Predictable costs