How it works, simply: the site asks short, memory‑based questions about habits and patterns you use for passwords (name cues, dates, favorite numbers, job hints, common symbols). An AI model uses those answers and learned human password patterns to generate a short list of likely passwords you might actually have used. I used the list to try plausible combos until one worked.
Privacy and limits: nothing you type is stored long‑term. Inputs are processed transiently and never used for training. The tool is strictly for recovering your own accounts. Do not use it on other people’s accounts.
Threat model and safety: this is a last‑resort recovery aid, not a replacement for proper account recovery, 2FA, or password managers. I want the community to critique the security model, suggest attacks I missed, and help me close gaps.
If you’re a security researcher or HN reader with notes on cryptography, privacy, or ethical concerns, I’d love your feedback. Links, tests, and honest critiques welcome.