The whole project is based on a simple premise: The less we know, the better.
Security by design
Best practices, no extras.
- All messages are stored encrypted using AES-256, using a 512 bit password hash.
- After a secret has been viewed, we delete it permanently from our database. There is no backup.
- If a password is provided, we use it to encrypt your secret on the client - in other words, there is no way of decrypting your message, since we don't even store a hash of your password. Even with the most advanced attacks (e.g. man in the middle attack) or access to all our infrastructure an attacker couldn't read your message.
- As little third-party code as possible. No Google, no Facebook, no cookies, no tracking.
- All code is open-source on Gitlab. Dependencies are updated regularly.