Product · January 15, 2025 · 5 min read

PassGeni V2: DNA Score, Compliance Presets, and 6 New Tools

PassGeni V2 ships with a 7-point password quality metric, one-click compliance presets for HIPAA/SOC2/PCI-DSS, and six new security tools.

What we built and why

The original PassGeni was a single-page password generator. It worked, but it was narrow — one tool, no context, no framework for why a particular password was strong or appropriate for a particular use case.

V2 is built on a different premise: password security is a system, not a feature. The generator is still at the center, but it's surrounded by the context, tools, and compliance infrastructure that make passwords actually secure in practice — not just technically complex.

The DNA Score

The most visible change: every generated password now gets a DNA Score — a composite metric that evaluates entropy, crack resistance, compliance, character balance, and uniqueness simultaneously.

Most password strength meters are binary: either a red bar (weak) or a green bar (strong), driven by a simple algorithm that checks for uppercase, lowercase, numbers, and symbols. They tell you almost nothing useful about actual security.

The DNA Score breaks down each dimension separately. You can see exactly why a password scores the way it does, and what would improve it. More importantly, it's calibrated against real-world attack scenarios — the entropy calculation uses the actual character pool size, and crack time estimates are based on current GPU-accelerated cracking rates against industry-standard hash algorithms.

Compliance presets

V2 ships with six compliance presets that automatically configure the generator to meet specific framework requirements:

  • HIPAA: 12-character minimum, full character set, aligned with HHS guidance and NIST 800-63B
  • PCI-DSS v4.0: 12-character minimum, complexity requirements per Requirement 8.3.6
  • SOC 2: 16-character minimum for CC6.1 compliance — what auditors expect to see
  • ISO 27001: 14-character minimum per Annex A.9 guidance
  • NIST 800-63B: Length-forward, no mandatory complexity, breach-awareness built in
  • DoD 8570: 15-character minimum for Department of Defense Information Assurance requirements

Each preset enforces the appropriate minimum length and character requirements at the generation level — you don't need to manually configure anything. Select the framework, generate, done.

Post-quantum mode

Post-quantum mode generates passwords with minimum 20-character length and an expanded symbol set, targeting 128+ bits of entropy. This provides a meaningful safety margin against quantum computing advances without waiting for quantum computers to be a practical threat.

The reasoning: credentials generated today may still be in use in 10–15 years. Generating post-quantum resistant passwords now costs nothing extra in time or usability (you're storing it in a password manager anyway). The risk-adjusted case for using it is clear for long-lived secrets.
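The pool-size entropy calculation from the DNA Score section and the 128-bit target of post-quantum mode can be checked with a few lines of arithmetic. This is an added example, not PassGeni's code: the function names are hypothetical, the 94-character printable-ASCII pool and the guess rate are assumptions, and the formula only holds for passwords drawn uniformly at random, as a generator does.

```python
import math
import string

# Printable-ASCII character classes; a generator drawing from all four has a pool of 94.
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)
FULL_POOL = sum(len(c) for c in CLASSES)  # 26 + 26 + 10 + 32 = 94

# Minimum lengths quoted in the preset list above (NIST 800-63B has no number there).
PRESET_MIN_LENGTH = {"HIPAA": 12, "PCI-DSS v4.0": 12, "ISO 27001": 14, "DoD 8570": 15, "SOC 2": 16}


def pool_size(password):
    """Pool implied by the character classes that actually occur in the password."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def entropy_bits(length, pool):
    """Entropy of `length` symbols drawn uniformly and independently from `pool`."""
    return length * math.log2(pool)


def min_length_for(target_bits, pool):
    """Shortest length whose entropy reaches target_bits for the given pool."""
    return math.ceil(target_bits / math.log2(pool))


def average_crack_seconds(bits, guesses_per_second):
    """Expected time to hit the password: half the keyspace at the given guess rate."""
    return 2 ** (bits - 1) / guesses_per_second


if __name__ == "__main__":
    ASSUMED_RATE = 1e10  # constructed guess rate, not a benchmark of any hash
    for name, length in PRESET_MIN_LENGTH.items():
        bits = entropy_bits(length, FULL_POOL)
        years = average_crack_seconds(bits, ASSUMED_RATE) / 31_557_600
        print(f"{name:13} {length:2} chars  {bits:6.1f} bits  ~{years:.2e} years")
    print("length for 128 bits, full pool:", min_length_for(128, FULL_POOL))
    print("length for 128 bits, letters+digits:", min_length_for(128, 62))
```

Dropping symbols shrinks the pool from 94 to 62, so the same 128-bit target needs a longer password; length and pool size trade off against each other.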

Six new tools

V2 adds six standalone security tools, all free, all client-side:

  • Breach Checker: Checks any password against the Have I Been Pwned database using k-anonymity — only the first 5 characters of the SHA-1 hash leave your browser. The full password is never transmitted.
  • Strength Checker: Full entropy analysis with crack time estimates across different attack scenarios and hash algorithms.
  • Password Audit: Batch audit up to 10 passwords simultaneously — entropy, breach status, pattern detection.
  • Policy Generator: Generates a complete, downloadable password policy document configured for any of the six compliance frameworks. Covers minimum length, complexity, rotation, MFA, audit logging, and emergency access.
  • Secure Share: AES-256-GCM encrypted sharing. The decryption key lives in the URL fragment — it is never sent to any server, including ours. Share sensitive credentials with zero server-side exposure.
  • WiFi QR Generator: Generates a scannable QR code from WiFi credentials. Useful for guest networks and onboarding. Entirely client-side.
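The k-anonymity exchange behind the Breach Checker, shown with both sides as an added example (not PassGeni's code). The range service is a local stand-in with constructed data and invented counts, and all function names are hypothetical.

```python
import hashlib

seen_by_server = []  # everything the constructed service below receives


def split_hash(password):
    """SHA-1 the password locally; return (5-char prefix to send, 35-char suffix kept)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range(body):
    """Parse 'SUFFIX:COUNT' lines into a dict, skipping blank or malformed lines."""
    counts = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if sep and len(suffix) == 35 and count.isdigit():
            counts[suffix.upper()] = int(count)
    return counts


def breach_count(password, fetch_range):
    """Times the password appears in the corpus; the comparison happens client-side."""
    prefix, suffix = split_hash(password)
    return parse_range(fetch_range(prefix)).get(suffix, 0)


def constructed_service(prefix):
    """Stand-in for the range endpoint: answers with every suffix under the prefix."""
    seen_by_server.append(prefix)
    corpus = {  # constructed data: SHA-1 of "password" plus one filler, counts invented
        hashlib.sha1(b"password").hexdigest().upper(): 1000,
        "5BAA6" + "0" * 35: 3,
    }
    lines = [f"{h[5:]}:{n}" for h, n in corpus.items() if h.startswith(prefix)]
    return "\r\n".join(lines)


if __name__ == "__main__":
    for candidate in ("password", "kT9#vLq2!xWz7@Rb"):
        print(candidate, "->", breach_count(candidate, constructed_service))
    print("server saw only:", seen_by_server)
```

The service learns a 5-character prefix shared by many unrelated hashes and cannot tell which suffix, if any, the client matched.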

The developer API

V2 ships with a documented REST API at /api/v1/generate. The free tier allows 50 calls per day — no API key required. The Team plan ($29/month) unlocks 5,000 calls per day, all compliance presets, and bulk generation up to 500 passwords per request.

The API is built for real workloads: password generation during user onboarding, credential rotation pipelines, compliance audit tooling. Full documentation with code examples in JavaScript, Python, and curl is at passgeni.ai/api.

What's coming in V3

The roadmap is public. In priority order:

  • Full guide library: 18 compliance and security guides, written for the specific frameworks that security and IT teams actually work with
  • Usage analytics dashboard for Team API subscribers
  • Password audit reports: exportable CSV analysis of credential batches
  • Additional compliance frameworks as they're requested

The generator and all tools are free forever. That's not changing. The team plan funds the infrastructure and content development that makes the free tools worth using.

Try it at passgeni.ai.
