The keygen element was initially introduced by Netscape and later accepted by other browsers. The keygen element is intended to provide a safer way to authenticate users; that is done in that manner that the <keygen> generates a public-private key-pair field in a form. When a form gets submitted, a public key and a private key are generated; the private key gets stored on the client side (local PC), and the public key gets sent to the server. Thus created, this key-pair combination may be used with secure servers to generate certificates or similar, increasing an overall security of our systems.


<input type="text" name="username" />

<keygen name="secure-key" />


  • name - Specifies the name of the <keygen> element.
  • keytype - Specifies which security algorithm will be used. Following values are accepted:
    • rsa
    • dca
    • es
  • autofocus - Tells browser whether the <keygen> element will get an automatic focus after page loads, or not; the value is autocomplete.
  • form - Specifies form or forms that the <keygen> element belongs too; the value is form_id.
  • challenge - Defines the <keygen> as "to be challenged" when submitted.
  • disabled - A standard disabled value that most of the form element have; it disables the <keygen> element.
  • global attributes
  • event attributes


The keygen element usage example:


›› go to examples ››