This repository contains notes, references, and research related to passwords, PINs, and authentication practices, maintained as a technical reference.
The material here focuses on understanding how passwords and PINs are chosen, generated, and validated, and where real-world systems commonly fail from a security and usability perspective.
Topics and references include:
- Statistical analysis of PIN and password popularity (e.g., heat maps of common PIN choices)
- Historical context, such as password lists involved in early incidents (e.g., the Morris worm)
- Documentation and examples of password and PIN generators
- Vendor and standards guidance (e.g., Microsoft security advisories)
- Reference implementations and example scripts used for analysis or demonstration
This repository is intended for documentation, study, and research.
It does not contain real credentials, secrets, or harvested password
data, and it is not intended as an offensive or cracking toolkit.
Out of scope:
- Real credentials, secrets, or leaked password databases
- Tools or instructions intended to bypass authentication systems
- Password cracking or exploitation workflows
This repository is maintained for documentation and research purposes only.
dinopass.com
sites/services to securely send/share passwords
link to table, differences in pw generation (password or passphrase or PIN) among lastpass, bitwarden, keeper, ewallet, etc
e.g. cannot configure pin generation to less than 5 digits, cannot configure passphrase to less than 3 words, passphrase special separater is not randomized,
character confusion (0 O o 1 l L | j 5 S ; : , . ` ')