Journal

Field Notes

A running journal for password and identity defense. These notes are opinionated, tactical, and focused on what actually changes compromise probability for real users and teams.

Open Resources View Breach Desk

Field Note 01

Why password managers are still the practical default in 2026

April 8, 2026 | Strategy | 6 min read

Passkeys are growing fast, but most users still live in a mixed environment. The manager remains the bridge technology that keeps unique secrets viable everywhere.

Read article

Field Note 02

The hidden risk in account recovery flows

April 8, 2026 | Recovery | 5 min read

The strongest password in the world does not help if a stale phone number, a weak helpdesk script, or an old backup email can bypass it.

Read article

Field Note 03

Passkeys first: where to deploy them for maximum impact

April 8, 2026 | Passkeys | 4 min read

Treat passkey rollout as an identity graph problem. Start with email, admin consoles, finance, and source control because they affect everything else.

Read article

Pagination

Page 1 of 2

Editorial Direction

Practical security over abstract advice

The journal is where longer-form thinking lives: rollout strategy, human behavior, team workflows, and the controls that still fail even after people pick stronger passwords.

Best Companion

Use the journal with the tools

Articles tell you what to change. The forge and audit pages let you act on it immediately by replacing weak credentials and inspecting old patterns.