PangolinMatrix - Private password matrix encoder
If someone reads your password list, what would they actually see?
Write down passwords that are reversible only using your private matrix and directive but useless to anyone else
Demo only
PurpleCat42!<br>→<br>O[mWsI]LT-Xb
Same length. Different characters. Recoverable only with your unique matrix and personal directive.
PangolinMatrix turns real passwords into unrecognizable text. Write down the encoded version instead of the real password. Recover it later with your private matrix.
No real password storage. No hidden password syncing.
How is this secure?
Create My Free Private Matrix
No credit card. No subscription. Takes about 30 seconds.
No real passwords stored
Free to use
No subscription required
Works offline with a printed matrix
Sample private encoding grid
Your real matrix is randomly generated for your account.
9 x 9
Encode<br>PurpleCat42!<br>→<br>Directive: 3L,5D<br>→<br>O[mWsI]LT-Xb
3L,5D means move 3 left, then 5 down for each character. To decode, reverse it: 3R,5U.
First letter example: P becomes O after 3 left and 5 down.
You do not have to count cells every time. After signup, your matrix page includes an encode/decode helper. See the helper in action.
Prefer to understand first?
Read the security model
See exactly what PangolinMatrix stores, what it never stores, and why separation matters.
Read the security model →
Prefer no account?
Try the No-Account Kit
Generate a browser-only matrix and directive for offline use. Nothing is saved or recoverable.
Use the No-Account Kit →
How to keep it safe
The protection comes from keeping three pieces separate
1. Matrix
Your matrix stays in PangolinMatrix
Protected by your account password and email code.
You can also print or save a private backup for offline recovery.
2. Encoded passwords
Your encoded passwords stay elsewhere
Keep them in a spreadsheet, notebook, or cloud drive.
Never copy or store your real passwords there.
3. Directive
Your directive stays separate
Memorize it, or save it somewhere different from both the matrix and encoded passwords.
This is the piece you should avoid storing beside the other two.
Walkthrough
See it live in 1 minute
Watch a quick example of encoding a password, writing down only the encoded version, and decoding it back when needed.
Build My Free Private Matrix →
Demo only. Never record or share real passwords, your directive, or your full private matrix.
Your real passwords never touch our servers — by design
PangolinMatrix stores your account and private matrix, but not the real passwords you encode!
Read the full security model →
How is this secure?
The protection comes from separation
Does PangolinMatrix store my real passwords?<br>No. The helper runs in your browser. PangolinMatrix stores your account and private matrix, but not the real passwords you type into the helper.
What should I keep separate?<br>Keep your encoded password list away from your matrix. Your directive should be memorized or saved separately, because it is not the main security boundary.
What happens if I lose my matrix?<br>You may not be able to recover encoded passwords. Print or save a private backup of your matrix and store it somewhere separate from your encoded password list.
Trust, honestly stated
No invented testimonials. No inflated user counts.
PangolinMatrix is new. The security model is public, the tool explains what it stores, and feedback is welcome from people who want to review the idea carefully.
in<br>Built by Ahmet Ertek
Security model explained<br>Contact the creator
Start with separation
Write down passwords that are reversible only using your private matrix and directive but useless to anyone else
Keep a password list that is useless without your private matrix.
Create My Free Private Matrix
Terms
Close
PangolinMatrix stores your randomized matrix, account email, and hashed account password. It does not store your real passwords or your directive.
Your directive is shown once. If you lose it, PangolinMatrix cannot recover it or decode your saved encoded passwords.
You are responsible for protecting your account and keeping your matrix separate from encoded password notes. The directive should be memorized, but it is not enough protection if both the matrix and encoded notes are exposed.
The matrix method reduces certain risks, but no security method can guarantee protection against every mistake, attack, or disclosure.
Privacy Policy
Close
We collect the information needed to run your account: email address, hashed account password, randomized matrix, verification status, and login verification records.
We do not ask for, store, or recover your real third-party passwords. Browser helper inputs are processed in your browser and are not saved by PangolinMatrix.
Email is used for account verification and login codes. Security logs may be kept to protect the service and investigate abuse.
If...