Encrypted Temporary Messaging

php   encryption   javascript   security  

Due to the need for sending passwords and other sensitive information this tool was created. Existing tools require the user to trust the provider therefore it was a good idea to create a tool that was entirely controlled internally to avoid any of the information being intercepted.

Security Features

To mitigate the risk of a 'man in the middle' attack all of the encryption happens in the browser on the client-side. Once encrypted the tool sends the message to the server using https. The decryption key is not stored on the server - just the hash to authenticate it. 

Additionally the message is deleted once read or based on the options set. It also has an expiry date and is only readable before that. This all means information can be passed securely over insecure methods such as messengers and email - however it is advisable to send the key using a different channel for additional security.

The tool can be accessed here: