Password Manager Resources


A place for creators and users of password managers to collaborate on resources to make password management better.

Resources currently consist of data, or "quirks", as well as code.

"Quirk" is a term from web browser development that refers to a website-specific, hard-coded behavior to work around an issue with a website that can't be fixed in a principled, universal way. In this project, it has the same meaning. Although ideally, the industry will work to eliminate the need for all of the quirks in this project, there's value in customizing behaviors to ensure better user experience. The current quirks are:

  1. Password Rules: Rules to generate compatible passwords with websites' particular requirements.

  2. Shared Credentials: Groups of websites known to use the same credential backend, which can be used to enhance suggested credentials to sign in to websites.

  3. Change Password URLs: To drive the adoption of strong passwords, it's useful to be able to take users directly to websites' change password pages.

  4. Websites Where 2FA Code is Appended to Password: Some websites use a two-factor authentication scheme where the user must append a generated code to their password when signing in.


  • JavaScript, Ruby