Skip to content

keedrop/keedrop

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

169 Commits
.github/workflows
.github/workflows
 
 
.vscode
.vscode
 
 
cypress
cypress
 
 
site
site
 
 
.editorconfig
.editorconfig
 
 
.env.example
.env.example
 
 
.eslintrc.yml
.eslintrc.yml
 
 
.gitignore
.gitignore
 
 
.linthtmlrc
.linthtmlrc
 
 
.npmrc
.npmrc
 
 
.stylelintrc
.stylelintrc
 
 
.tool-versions
.tool-versions
 
 
Dockerfile
Dockerfile
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
SECURITY.md
SECURITY.md
 
 
_config.yml
_config.yml
 
 
cypress.config.js
cypress.config.js
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
icon.svg
icon.svg
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
server.go
server.go
 
 
server_test.go
server_test.go
 
 
styles.css
styles.css
 
 
test.json
test.json
 
 

Repository files navigation

License Build Uptime Ratio Maintainability

KeeDrop - securely send passwords

Ever wanted to securely send a password to someone who didn't have GnuPG? Enter KeeDrop: each secret can only be retrieved once and only for 24h after it was stored. Additionally, it is encrypted in a way that ensures that the server operator will not be able to decrypt the password. The only way to be more secure is to use GnuPG or other end-to-end encryption with key verification.

Security features

  • State-of-the-art encryption technology: Curve25519-XSalsa20-Poly1305, courtesy of TweetNaCl.
  • The server never sees the unencrypted secret
  • Automatically expunge data after 24h
  • Alternatively, data is deleted on retrieval
  • Doesn't track you with analytics

What it cannot defend against:

  • Malicious software (browser extensions, keylogger etc) on the senders or recipients computer.
  • Someone intercepting the link and retrieving the secret. But at least you'll know about it.

Setup

Environment variables

name required value
KEEDROP_CONTACT_NAME yes Full name of site owner
KEEDROP_CONTACT_ADDRESS yes Quoted new-line delimited address info
KEEDROP_CONTACT_EMAIL yes Email for contact
KEEDROP_CONTACT_GPGKEY no GPG key

About

Don't paste your secrets into the chat

keedrop.com

Topics

javascript browser encryption secret link

Resources

Readme

License

MIT license

Security policy

Security policy
Activity
Custom properties

Stars

11 stars

Watchers

3 watching

Forks

3 forks
Report repository

Releases

No releases published

Contributors 3

  •  
  •  
  •  

Languages