Ever wanted to securely send a password to someone who didn't have GnuPG? Enter KeeDrop: each secret can only be retrieved once and only for 24h after it was stored. Additionally, it is encrypted in a way that ensures that the server operator will not be able to decrypt the password. The only way to be more secure is to use GnuPG or other end-to-end encryption with key verification.
- State-of-the-art encryption technology: Curve25519-XSalsa20-Poly1305, courtesy of TweetNaCl.
- The server never sees the unencrypted secret
- Automatically expunge data after 24h
- Alternatively, data is deleted on retrieval
- Doesn't track you with analytics
- Malicious software (browser extensions, keylogger etc) on the senders or recipients computer.
- Someone intercepting the link and retrieving the secret. But at least you'll know about it.
| name | required | value |
|---|---|---|
KEEDROP_CONTACT_NAME |
yes | Full name of site owner |
KEEDROP_CONTACT_ADDRESS |
yes | Quoted new-line delimited address info |
KEEDROP_CONTACT_EMAIL |
yes | Email for contact |
KEEDROP_CONTACT_GPGKEY |
no | GPG key |