Generated locally in your browser — nothing is sent anywhere.
Uses your browser's crypto.getRandomValues() (a cryptographically
secure random source), not Math.random(). Entropy is
length × log₂(character-set size); anything above ~80 bits is fine for
almost any purpose, ~128 bits for long-lived high-value secrets.