Security Batch Processing 2026-04-07

Generate Bulk Passwords and API Keys

Q: Are these passwords cryptographically secure?

Yes, when using secrets (Python), crypto.randomBytes (Node.js), or openssl rand (Bash). These use the OS cryptographic random number generator. Never use Math.random() for passwords.

Generate hundreds of secure passwords, API keys, and UUIDs for user provisioning, secret rotation, and environment setup using CLI and scripts.

Tools used: Password Generator + UUID Generator All Free

The Problem

You need to provision 50 new user accounts with unique passwords, rotate API keys across microservices, or generate UUIDs for a database migration. Creating them one at a time is tedious and error-prone.

Why Batch Processing Matters

Bulk secret generation is essential for onboarding users at scale, rotating secrets across environments, seeding test databases with realistic credentials, and automating infrastructure provisioning. Cryptographically secure generation ensures each secret is unique and unpredictable.

Common Use Cases

Provision new employee accounts with unique secure passwords
Rotate API keys across all microservices during a security incident
Generate UUIDs for database migration scripts
Create .env files with unique secrets for each deployment environment

Step-by-Step Instructions

Define your requirements

Decide password length, character sets (uppercase, lowercase, digits, symbols), and quantity. For API keys, 32-64 hex characters is standard. For UUIDs, use v4 (random).

Generate using cryptographically secure methods

Always use /dev/urandom, secrets module (Python), or crypto (Node.js). Never use Math.random() or random module for security-sensitive generation.

Output to a secure file

Write generated secrets to a file with restricted permissions (chmod 600). Never log secrets to stdout in production environments.

Distribute securely

Use a secrets manager (Vault, AWS Secrets Manager) or encrypted channels to distribute. Delete the generation file after distribution.

Code Examples

# Generate 20 random passwords (16 chars, alphanumeric + symbols)
for i in $(seq 1 20); do
  openssl rand -base64 16 | tr -d '/+=' | head -c 16
  echo
done > passwords.txt

# Generate 50 API keys (32 hex characters)
for i in $(seq 1 50); do
  openssl rand -hex 16
done > api_keys.txt

# Generate UUIDs (v4)
for i in $(seq 1 100); do
  uuidgen | tr '[:upper:]' '[:lower:]'
done > uuids.txt

# Generate .env secrets for multiple services
for svc in auth billing api gateway; do
  echo "${svc^^}_SECRET=$(openssl rand -hex 32)"
done > .env.secrets
chmod 600 .env.secrets

import secrets
import string
import uuid

def generate_password(length: int = 16) -> str:
    """Generate a cryptographically secure password."""
    chars = string.ascii_letters + string.digits + "!@#$%&*"
    return "".join(secrets.choice(chars) for _ in range(length))

def generate_api_key(length: int = 32) -> str:
    """Generate a hex API key."""
    return secrets.token_hex(length // 2)

# Generate 50 passwords
passwords = [generate_password(16) for _ in range(50)]
with open("passwords.txt", "w") as f:
    for i, pw in enumerate(passwords, 1):
        f.write(f"user_{i:03d},{pw}\n")

# Generate 50 API keys
api_keys = [generate_api_key(32) for _ in range(50)]
with open("api_keys.txt", "w") as f:
    for key in api_keys:
        f.write(f"{key}\n")

# Generate 100 UUIDs
uuids = [str(uuid.uuid4()) for _ in range(100)]
with open("uuids.txt", "w") as f:
    f.write("\n".join(uuids))

print(f"Generated: 50 passwords, 50 API keys, 100 UUIDs")

const crypto = require('crypto');
const fs = require('fs');

function generatePassword(length = 16) {
  const chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%&*';
  const bytes = crypto.randomBytes(length);
  return Array.from(bytes).map(b => chars[b % chars.length]).join('');
}

function generateApiKey(length = 32) {
  return crypto.randomBytes(length / 2).toString('hex');
}

function generateUUID() {
  return crypto.randomUUID();
}

// Generate bulk secrets
const passwords = Array.from({ length: 50 }, (_, i) =>
  `user_${String(i + 1).padStart(3, '0')},${generatePassword()}`
);
fs.writeFileSync('passwords.txt', passwords.join('\n'));

const apiKeys = Array.from({ length: 50 }, () => generateApiKey());
fs.writeFileSync('api_keys.txt', apiKeys.join('\n'));

const uuids = Array.from({ length: 100 }, () => generateUUID());
fs.writeFileSync('uuids.txt', uuids.join('\n'));

console.log('Generated: 50 passwords, 50 API keys, 100 UUIDs');

Single vs Batch Comparison

Single password (web tool)

Click Generate → copy one secure password

Batch output

$ python generate_secrets.py
Generated: 50 passwords, 50 API keys, 100 UUIDs

$ head -3 passwords.txt
user_001,Kx9#mBq&Lp2vWn7R
user_002,Tf4@hYz$Nc8jRm3Q
user_003,Vb7*dSw!Gk5xAe9P

$ head -3 api_keys.txt
a3f2b8c91d4e7f0a2b5c8d1e3f6a9b0c
7d91e4a0b3c6f8d2e5a7c0b4d9f1e3a6
b28f3dc5e8a1b4c7d0f3a6e9b2c5d8f1

Frequently Asked Questions

Are these passwords cryptographically secure?

Yes, when using secrets (Python), crypto.randomBytes (Node.js), or openssl rand (Bash). These use the OS cryptographic random number generator. Never use Math.random() for passwords.

How should I store generated passwords?

Store in a password manager or secrets vault (HashiCorp Vault, AWS Secrets Manager). If writing to a file temporarily, use chmod 600 and delete after distribution. Never commit secrets to git.

What's the recommended password length?

Minimum 12 characters for user passwords, 16+ recommended. For API keys and secrets, use 32-64 hex characters (128-256 bits of entropy). Longer is always better for automated systems.

Related Batch Guides

🛡

Each tool runs in your browser with no signup required. Process single items instantly.

Open Password Generator Open UUID Generator

← All Batch Guides All Developer Guides