Temporarily lock yourself out of a service by encrypting e.g. your netflix password for a week
Encrypt a string to make it inaccessible for a given amount of time.
For example: if you need to focus on your studies the upcoming week, you could take your netflix password out of your password manager and lock it away for one week. After that week you will be able to extract the password again.
- Make strings inaccessible
- Group items in user account
- No login
- Generate own encryption key
- Secure encryption using GPG
Create a new item
Decrypt the created item
- new item - Create a new item
- new user - Create a new user
- status - Get all items of a user or decrypt an item
How it works
For every item that is created WITH a passphrase a new encryption key will be generated and the passed value (i.e. what you want to lock up, e.g. password) will be encrypted with that key. The user now has the passphrase with which their item has been encrypted, without this passphrase the item can't be decrypted. This also means that I (i.e. the admin) can't access the encrypted data, as I don't know the users passphrase.
Items WITHOUT a password are encrypted with a shared keypair (the passphrase is written down in cleartext!). This should be avoided for real use, as this means that I (i.e. the admin) am able to access whatever the user encrypted!
User accounts will also generate an encryption key, which will be shared among it's items.
GPG key generation is extremely slow at the moment, as it can take up to one minute. This is due to the fact that the hosted version of this app (lmo.jneidel.com is running on my shared hosting server. GPG just does not have the processing power available to generate the key in a reasonable amount of time (on my local machine it takes less than a second).
To reduce the amount of keys that will be generated I've removed the option to encrypt items anonymously (i.e. without a user account), but accounts can still be generated.
- Clone the repo
- Fill in
npm run build
npm run start-prodor
npm run start
gpg - 2.x:
GnuPG is required for the encryption of items.
See my dotfiles for a gpg install script.
Once installed you can test if gpg is working as intended with:
npm run test gpg
$ npm run test
Only data needed for the usage of the app is being retained:
- name of the item, if given
- encrypted value, not readable (see)
- end date
- associated user
Items can be permanently removed on the status page.
There is no logging.
Cookies only keep a link to the user in the top right corner.
MIT © Jonathan Neidel