Click
here to download and locally unencrypt all your saved data. Clear data will be shown in the box below in xml format.
What is it ?
UserEncrypted.com is basically a repository of encrypted notes/passwords like others; the difference is that your data never leaves your computer
unencrypted. All the operations of encryption/decryption take place in your browser, and only encrypted data is sent to our server.
How was it born ?
This service is a "proof of concept" of what explained in my article:
Practical uses of client side encryption
How does it work ?
It makes use of Javascript implementations of the AES encryption algorithm and SHA1 digest algorithm.
When you first register to the service, your password is SHA1 digested and only then it is sent to our server.
Any data you will input on the system will be AES encrypted using your password, and only then saved on our server.
When you will ask for your data, its encrypted form will be sent to your browser, only there it will be unencrypted using
your password and then shown to you.
What if someone spoofs my connection to get my password ?
They will only get your SHA-1 digested password, but your data is encrypted using your clear password, which NEVER leaves your browser.
What if I forget my password ?
You will lose all your data, as there's no way for us to recover your password.
Next steps
- Implementation of missing functionalities (i.e. editing existing categories/items)
- A new user interface (using cool web2.0 widgets)
- An alternative java applet for smart-card/token certificate PKI usage
