-
Notifications
You must be signed in to change notification settings - Fork 1
Comparisons
How Zefer relates to other well-known encryption tools. The short version: Zefer is for sharing a secret or file with someone — encrypted in the browser, no install, no account. Other tools shine at different jobs (cloud-folder encryption, full-disk encryption, vault-integrated sending). They are complementary, not strictly competitors.
Detailed, per-tool pages live on the site: /vs/hat-sh · /vs/picocrypt · /vs/bitwarden-send · /vs/cryptomator · /vs/veracrypt.
flowchart TD
Q{"What do you want to do?"}
Q -->|"Share a secret or file with someone"| SHARE{"In the browser, no install?"}
SHARE -->|"yes"| ZEFER["Zefer"]
SHARE -->|"already use a password manager"| BW["Bitwarden Send"]
SHARE -->|"prefer a desktop app"| PICO["Picocrypt"]
Q -->|"Keep a cloud-synced folder encrypted"| CRYPTO["Cryptomator"]
Q -->|"Encrypt a whole disk, USB, or volume"| VERA["VeraCrypt"]
| Zefer | Hat.sh | Picocrypt | Bitwarden Send | Cryptomator | VeraCrypt | |
|---|---|---|---|---|---|---|
| Primary use | Share secrets/files | Share files | Encrypt files | Send secrets/files | Cloud-folder vault | Disk/volume |
| Runs in the browser | ✓ | ✓ | ✗ (desktop) | ✓ | ✗ (desktop) | ✗ (desktop) |
| No install | ✓ | ✓ | ✗ | ✓ | ✗ | ✗ |
| No account | ✓ | ✓ | ✓ | ✗ (Bitwarden) | ✓ | ✓ |
| Cipher | AES-256-GCM | XChaCha20-Poly1305 | XChaCha20-Poly1305 | AES-256 | AES-256 | AES/Serpent/Twofish |
| Key derivation | PBKDF2-SHA256 | Argon2id | Argon2 | PBKDF2 | scrypt | PBKDF2 |
| Expiration | ✓ | ✗ | ✗ | ✓ | n/a | n/a |
| Dual passphrase | ✓ | ✗ | ✗ | ✗ | ✗ | ~ (keyfiles) |
| Reveal key | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Secret question | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ |
| IP allowlist | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ |
| CLI | ✓ | ✗ | ✓ | ~ | ✗ | ✓ |
| AI / MCP server | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Node.js library | ✓ | ✗ | ✗ | ✗ | ✗ | ✗ |
| Open source | ✓ (MIT) | ✓ | ✓ | ✓ | ✓ | ✓ |
| Price | Free | Free | Free | Freemium | Freemium | Free |
Competitor details are summarized in good faith and may change. The on-site
/vs/*pages carry the current, sourced comparisons.
- Hat.sh — also free, open source, and browser-based. Uses XChaCha20-Poly1305 with Argon2id and supports X25519 public-key encryption and many UI languages. Choose Hat.sh for public-key workflows; choose Zefer for advanced access controls (expiration, dual key, reveal key, secret question, IP allowlist).
- Picocrypt — a tiny, well-regarded desktop tool (XChaCha20-Poly1305) for offline file encryption. Choose Picocrypt to encrypt files locally without a browser; choose Zefer to share with access controls or to integrate via CLI/MCP/library.
- Bitwarden Send — great if you already live in Bitwarden; it is vault-integrated but requires an account, and file sending needs a premium plan. Zefer needs no account and is free.
- Cryptomator — encrypts vaults that sync transparently with cloud storage (Dropbox, Google Drive, OneDrive). Different job: ongoing cloud protection vs. Zefer's ad-hoc sharing. Many people use both.
- VeraCrypt — encrypts disks, partitions, and containers for local storage protection. Zefer encrypts individual files for sharing. Complementary threat models.
AES-256-GCM (Zefer) and XChaCha20-Poly1305 (Hat.sh/Picocrypt) are both modern, authenticated ciphers used in production worldwide. AES-256-GCM is hardware-accelerated on most CPUs and standard in TLS; XChaCha20-Poly1305 is resistant to timing attacks and fast in software. For practical purposes, both are equally safe — see Security Architecture.
📖 Glossary — terms on this page: AES-256-GCM · PBKDF2 · authenticated encryption · dual passphrase · reveal key · secret question · TTL / expiration · MCP · zero-knowledge. Full list in the Glossary.
📖 New to a term? See the Glossary. · Zefer · Repository · CLI · MIT © José Carrillo
Guides
- Getting Started
- How It Works
- Examples and Recipes
- Install and Self-Hosting
- Comparisons
- Troubleshooting
- FAQ
Security
Channels
Tools
Project
Reference