HTML <keygen> Tag
The <keygen> tag generates keys to encrypt and decrypt data submitted via HTML forms. data. Tag description, attributes and examples.
The <keygen> tag is one of the HTML5 elements. It is responsible for generating a pair of keys (public and private) used to encrypt and decrypt data sent to the server when an HTML form is submitted. The public key is sent to the server along with the submitted form data, while the private key never leaves the user’s device and is managed by the browser or operating system keychain.
Its primary purpose was form encryption and authentication, rather than digital signatures.
The <keygen> element allows the user to choose from a range of key size options and specify where to generate the key, for example, in a smart card or software stored on disk. This functionality works with both cryptographic hardware and standard software-based key generation.
Syntax
The <keygen> tag is placed in the <form> container; the closing tag isn’t required. But in XHTML, the <keygen> tag must be self-closed (<keygen />).
Example of the HTML <keygen> tag:
HTML <keygen> Tag
<!DOCTYPE html>
<html>
<head>
<title>Title of the document</title>
</head>
<body>
<form action="/form/submit" method="post">
<keygen name="rsaPublicKey" keytype="rsa">
User’s name:
<input type="text" name="usr_name" />
<input type="submit" />
</form>
</body>
</html>Result
Browser Support
- Chrome, Edge, Firefox, Safari, Opera: Deprecated and removed. All major browsers dropped support for
<keygen>in 2021 due to security and usability concerns. - Mobile Browsers: Not supported.
Note that the <keygen> tag is deprecated in HTML5 and should not be used. Instead, it is recommended to use other methods of authentication, such as OAuth or OpenID.
Attributes
| Attribute | Value | Description |
|---|---|---|
| autofocus | autofocus | Defines that the element automatically receives focus when the page loads. Not supported in IE and Firefox. |
| challenge | string | Defines a challenge string passed along with the public key. Defaults to an empty string if omitted. |
| disabled | disabled | Indicates that the <keygen> element must be disabled. |
| form | form_id | Associates the element with a specific form by ID. Not supported in IE. |
| keytype | rsa, dsa, ec | Defines the key encryption algorithm. rsa is the only officially standardized value. dsa and ec were never standardized and had inconsistent browser support. rsa (default) offers high/medium security. dsa allows key size selection. ec offers high/medium security. |
| name | string | Defines the name of the <keygen> element. |
The <keygen> tag supports the Global Attributes and the Event Attributes.
Practice
What is true about the HTML <keygen> tag?