files/en-us/web/api/window/crypto/index.md
{{APIRef("Web Crypto API")}}
The crypto read-only property of the {{domxref("Window")}} interface returns the {{domxref("Crypto")}} object for this window's scope. This object gives web pages access to certain cryptographic related services.
Although the property itself is read-only, all of its methods (and the methods of its child object, {{domxref("SubtleCrypto")}}) are not read-only, and therefore vulnerable to attack by {{glossary("polyfill")}}.
Although crypto is available on all windows, the returned Crypto object only has one usable feature in insecure contexts: the {{domxref("Crypto.getRandomValues", "getRandomValues()")}} method. In general, you should use this API only in secure contexts.
An instance of the {{domxref("Crypto")}} interface, providing access to general-purpose cryptography and a strong random-number generator.
This example uses the crypto property to access the {{domxref("Crypto.getRandomValues", "getRandomValues()")}} method.
<p id="myRandText">The random numbers are:</p>
<button type="button">Generate 10 random numbers</button>
function genRandomNumbers() {
const array = new Uint32Array(10);
globalThis.crypto.getRandomValues(array);
const randText = document.getElementById("myRandText");
randText.textContent = `The random numbers are: ${array.join(" ")}`;
}
document.querySelector("button").addEventListener("click", genRandomNumbers);
{{EmbedLiveSample('Examples')}}
{{Specifications}}
{{Compat}}