The reference desk
Technical writing on entropy, cryptographic keys, tokens and secure randomness — for developers who like to know why.
📊 What Is Password Entropy, Really?
The one number that decides how long a key resists brute force — derived from scratch.
read →🔣 Hex Keys vs URL-Safe Tokens
When to use each format and how many bits of entropy you actually need.
read →⚠️ Why Math.random() Is Not Secure
The predictable PRNG that should never touch a secret — and the right replacement.
read →🔑 How Many Bits for an API Key?
128 vs 256 bits, base64 length maths, and sane defaults you can ship.
read →⚠️ Common Password Mistakes and How to Avoid Them in 2026
Most password security failures come from the same handful of mistakes.
read →📋 Password Security Best Practices for 2026
A comprehensive guide to password security best practices for 2026.
read →⚔️ Strong Password vs Passphrase: Which Is Better?
The debate between strong passwords and passphrases is settled.
read →🔬 Understanding Password Entropy: A Technical Deep Dive
Password entropy is the most important security metric you are not tracking.
read →💡 Password Ideas Generator: Creative Ways to Generate Strong Passwords
Learn multiple creative approaches to generating strong passwords.
read →🔐 How to Create a Secure Password: Expert Recommendations for 2026
Stop using patterns that attackers can predict.
read →🛡️ What Makes a Password Strong? A Complete Guide
Password strength is about entropy, not complexity rules.
read →🔢 Password Entropy: How Randomness Determines Security
Password entropy measures how hard your password is to crack.
read →🔍 Why Open Source Password Generators Are More Trustworthy
Can you trust a closed-source password generator?
read →🏠 Self-Hosted Password Security: A Complete Guide
Take full control of your credential infrastructure.
read →