Mar 3 · 7 min read · In my previous post, I talked about why I'm building TwoFac. The short version? I got tired of proprietary "digital cages" like Authy and wanted an authenticator that was open, secure, and—most import
Join discussion
Feb 9 · 7 min read · Keeper Forcefield est une extension du gestionnaire de mots de passe Keeper, reposant sur un driver kernel qui permettrait de prémunir le gestionnaire de mots de passe des attaquants volant les secrets en mémoire. Aussi, nous avons décidé de nous int...
Join discussion
Feb 9 · 1 min read · Generating random strings in JavaScript is tricky. Most people use Math.random(), but it is not cryptographically secure. In this tutorial, I'll show you how I built a Secure Password Generator that runs entirely in the browser using the window.crypt...
Join discussion
Jan 20 · 5 min read · به «ایران امن» خوش آمدید. تصور کنید برای درب ورودی منزل خود، کلیدی ساختهاید که هزاران نفر دیگر شبیه آن را دارند یا میتوانند به راحتی حدس بزنند آن را کجا پنهان کردهاید. استفاده از اطلاعات شخصی به عنوان رمز عبور (Password) در دنیای دیجیتال، دقیقاً م...
Join discussion
Jan 20 · 1 min read · Many people still paste passwords into random online tools without realizing the risk. A safer approach is a client-side password strength checker, where: The password never leaves your device No API calls are made Everything runs in JavaScript ...
Join discussionJan 4 · 4 min read · Self‑hosting your own password manager is one of the most empowering projects you can take on, especially if you are already running services on a Raspberry Pi. For this setup, I decided to host an open-source version of Bitwarden using Vaultwarden. ...
Join discussion
Dec 20, 2025 · 3 min read · 📝 Quick Summary: PearPass is a desktop application for secure password management, offering encrypted storage for credentials and notes. It synchronizes data across devices and provides offline access, along with features like password generation an...
Join discussionNov 23, 2025 · 4 min read · Your email inbox is the core of your digital life.Every password reset, bank alert, social login, OTP, and online identity connects back to it. But what if someone could take over your email account quietly, without you noticing? This cyberattack has...
Join discussion
Nov 22, 2025 · 7 min read · Before we start looking into the vulnerabilities and best practices, let's do a quick recap of what we've learned so far in Part 1. We started by looking at password reset from your perspective as a user, clicking that "Forgot Password" link, enterin...
Join discussion
Nov 17, 2025 · 6 min read · Introduction: The Deceptive Simplicity of Your Digital Key Your email address—that simple string of characters like name@example.com—feels harmless, almost administrative. In the grand scheme of cybersecurity, we are often fixated on the complexity o...
Join discussion