How it works

Secret creation

  • You provide a secret phrase to share and a password
  • Your password is hashed once with a random generated salt
  • Your password's hash is used to perform AES-256 authentication with a randomlgenerated salt
  • Your password is hashed a second time using the same method
  • We now have your password hashed twice, the encrypted secret and the random salt
  • The result is then stored on a redis database with a limited TTL (Time to live)
  • You receive a unique link reprensing the above entry.

Using the link

  • You send the link to someone and they visit it
  • They input the password to access the data
  • The password is hashed twice and compared to the stored version for this entry.
  • If the password hash matches the hash of the entry then we can proceed
  • Now we hash the provided password and use it to decrypt the encrypted secret
  • The result is sent to the user and displayed
  • We also check if the entry has reached max usage and delete it if so

Privacy

  • Nothing is stored unencrypted
  • Everything gets removed when the link reaches its TTL (That you set, defaults to 10 minutes)
Back
Crafted with ❤️ by Ben Afonso