What Makes a Password Secure in 2026?
Learn the latest best practices for creating and managing secure passwords in today's threat landscape.
Articles, guides, and best practices for keeping your accounts secure.
Learn the latest best practices for creating and managing secure passwords in today's threat landscape.
Generate passwords, passphrases, PINs, API keys, and usernames in your editor — with local strength checks and optional HIBP breach lookups.
Stolen credentials drive 39% of breach chains. Email, banking, managers, and dev accounts need MFA, passkeys, or hardware keys—not passwords alone.
A practical decision guide for sharing passwords, recovery codes, and other secrets without leaving unnecessary traces behind.
How browser password generators use Web Crypto randomness, what entropy means, and why rejection sampling avoids modulo bias.
A high-level introduction to Password-Authenticated Public-Key Encryption and how Half-Ideal Ciphers make practical post-quantum PAPKE variants possible.
Usernames are not secrets, but they are identifiers. A deeper look at reuse, breadcrumbs, random vs memorable handles, email aliases, and realistic limits—with links to both generator modes.
Keep your personal devices isolated while still giving visitors fast internet. Learn why guest SSIDs matter and how to set them up safely.
Understanding the techniques hackers use to break into accounts and the simple steps you can take to protect yourself.
Even one reused password can cascade into account takeovers. See why low-risk sites are not low-risk and how to fix reuse for good.
Step-by-step guide to checking if your passwords have been exposed in data breaches and what to do about it.
A detailed guide to Diceware: where it comes from, why it works, how many words you need, and how to generate a passphrase manually with dice or digitally with local wordlists.
What passkeys are, real registration and sign-in flows, common misconceptions, and why adoption has lagged the hype—while passwords and passkeys still coexist.