How IDK Works

The Simple Truth

IDK uses deterministic password generation. This means same inputs (site name + master password) always produce the same password. No database, no sync, no complexity.

What Happens When You Click Generate

  1. Your site name gets cleaned (e.g., "GitHub" becomes "github")
  2. We use PBKDF2 with your master password + site name
  3. 100,000 iterations with SHA-256 hashing
  4. The hash gets converted to a readable password
  5. All happens in your browser - we see nothing

Security Details

  • PBKDF2 + SHA-256 - Industry standard
  • 100,000 iterations - Slow for attackers
  • Client-side only - Never leaves your device
  • No tracking - Zero data collection

Why Deterministic?

  • No password database to hack
  • Works offline once loaded
  • Same password on any device
  • No sync issues or data loss
  • Simple and transparent

⚠️ Important: Master Password is Everything

If you forget your master password, all generated passwords are gone forever. There's no recovery by design. Write it down somewhere safe!

Technical Details

// Simplified implementation:
cleanSite = siteName.toLowerCase().replace(/[^a-z0-9]/g, '')
salt = encode(cleanSite)
hash = PBKDF2(masterPassword, salt, 100000, SHA-256)
password = mapHashToChars(hash)

Why IDK Exists

Traditional password managers are complex, get hacked, and create vendor lock-in. IDK is simple, transparent, and gives you full control. It's password management without the management bullshit.

Back to Generator
AboutSource Code© 2025

Crafted by Kartik Tyagi