No description
Find a file
2024-10-30 00:49:30 +01:00
routes add endpoint to check if password exists 2024-10-30 00:36:53 +01:00
static add popup when password does not exist 2024-10-30 00:49:30 +01:00
storage add endpoint to check if password exists 2024-10-30 00:36:53 +01:00
Dockerfile first commit 2024-10-30 00:08:11 +01:00
go.mod first commit 2024-10-30 00:08:11 +01:00
LICENSE.md first commit 2024-10-30 00:08:11 +01:00
main.go add endpoint to check if password exists 2024-10-30 00:36:53 +01:00
README.md first commit 2024-10-30 00:08:11 +01:00

PassED

EMail, but for passwords.

Did you ever run into the issue of needing to share a password with someone in a secure manner and you did not know how?

You want to send it to them by EMail, but there it will surely get logged along the way.

You want to write it send it to them over WhatsApp, but that's not that secure.

You want to write it on paper, but everyone can read that.

PassED solves these issues by allowing you to generate single-use URLs that contain your password.

How it works

When you create a password URL, PassED firstly encrypts the password in your browser using AES-GCM. It then uploads the encrypted password to the server, which responds with an ID that uniquely identifies that password. The AES Key and IV is then stored in the URL, along with the ID.

When someone views the password, PassED looks at the URL. It knows the password ID, AES Key and IV. It reaches out to the server, asks for a password with the ID from the URL, and then decrypts it with the AES Key and IV.

This model ensures that a malicous host can not read the passwords.