OktoPass uses the modern Web Crypto API on the client side to generate strong passwords.

If the client browser does not support this feature, then the password is generated on the server-side using cryptographically secure pseudo-random integers interface.

Read about the application and generation methods in this article (in Russian).