PGP Key Generator

Yes, all PGP keys are generated entirely in your browser using client-side JavaScript. Your private key never leaves your device and is not transmitted to any server. This tool uses the OpenPGP.js library, which implements the OpenPGP standard for secure key generation.

For new keys, we recommend ECC Curve25519 as it offers excellent security with better performance and smaller key sizes than RSA. ECC keys are modern and widely supported. RSA keys (2048, 3072, or 4096 bits) are still secure but are considered legacy and should only be used when compatibility with older systems is required.

Yes, setting a strong passphrase is highly recommended. A passphrase encrypts your private key file, so even if someone gains access to your private key file, they cannot use it without knowing the passphrase. Choose a long, memorable passphrase that is difficult to guess.

Setting an expiration date provides an additional security layer. If your key is ever compromised, the damage is limited to the expiration period. It also encourages good key hygiene by prompting you to rotate keys periodically. We recommend setting a 2-year expiration for most use cases.

Your public key can be shared freely with anyone who wants to send you encrypted messages or verify your digital signatures. Your private key must be kept secret and secure, as it is used to decrypt messages sent to you and create digital signatures. Never share your private key with anyone.