- PfP: Pain-free Passwords security review
- Recognizing basic security flaws in local password managers
- Various RememBear security issues
- Bogus security mechanisms: Encrypting localhost traffic
- Should you be concerned about LastPass uploading your passwords to its server?
- Maximizing password manager attack surface: Learning from Kaspersky
- Password managers: Please make sure AutoFill is secure!
- Is your LastPass data really safe in the encrypted online vault?
- Can Chrome Sync or Firefox Sync be trusted with sensitive data?
- Master password in Firefox or Thunderbird? Do not bother!
- Implementing safe sync functionality in a server-less extension
- Easy Passwords is now PfP: Pain-free Passwords
- Implementing efficient PBKDF2 for the browser
- More Last Pass security vulnerabilities
- Easy Passwords moving forward – filling in user names
- Underestimated issue: Hashing passwords without salts
- Adventures porting Easy Passwords to Chrome and back to Firefox
- Security considerations for password generators
- Introducing Easy Passwords: the new best way to juggle all those passwords