End-to-end encrypted
cloud storage for your configuration

Using the latest client side crypto APIs, we encrypt your data directly in the browser to securely store it in the cloud.

Get started now

Looking for a place to store your environment variables?

Environment variables need to be protected. When prototyping and deploying between different environments, we give you a safe, protected place to backup all your secrets as you work.

POSTGRES_DB=UserDb

POSTGRES_USER=admin

POSTGRES_PORT=5432

Password managers are good, but...

Context is important. Having a quick easy place to store related secret information, will speed up your development workflow. Whenever you're dealing with database usernames/passwords, api keys, server usernames/passwords, you can now store them in one document for easy consumption.

# Accounts - for my site

Email: contact@wcfg.dev/password2023

## Social Media

Twitter: @securedveloper/passjam2934

## FTP

drummer89/92j3lkdf*21

...

Backups matter.

You never know when the worst can happen. You check your code into source control, but where do you backup your configuration? You need to minimize downtime if we need to rebuild our environments. Secure your configuration and your peace of mind.

If you're curious about why we made this, check out the manifesto.

how it works

We use the web crypto library, so all encryption is done on the client-side, in your browser.

  • First, we generate you an RSA keypair, a public key and private key.
    • *The public key can be known by anyone, but you must keep the private key secret.
  • Create a new document, and enter in some content you wish to secure.
  • When you save the document, the client side encryption library runs, and only the encrypted data is pushed to our servers.

challenge

We believe in our approach. If you don't, prooooove us wrong.
Here is an encrypted file with some instructions if you're able to crack it.
Good luck!

compatibility test

Your browser needs to support the following to work with this site:

Javascript.....false
Indexed DB.....false
Crypto JS......false
Cookies........false

Your browser is not fully compatible with this site.

frequently asked questions

What happens if I lose my keys?

Unfortunately, there's nothing we can do. Privacy with encryption is secure for a reason. We recommend you backup your keys in two formats:
- Print a paper copy. (yes its old tech, but it still works)
- Put the keys on a protected USB drive
On the brightside, nobody else can access these files, and you can still purge them off our servers

Do you store private keys on the server?

No. We do not store private keys, and we don't want to. The private key is yours alone to protect and safeguard. Check for yourself, open your browser developer tools, and analyze the traffic we send.

What about public keys, do you store public keys on the server?

Yes, we will most likely store your public key on the server. Public keys are meant to be shared and can be given to anybody you want to be able to send you secure encrypted messages. We would store your private key to send you secure messages that only you could read.

Where do you store the keypair on the client side?

IndexedDB. Is that safe?!
IndexedDB follows a same-origin-policy, so other sites aren't able to access the IndexedDB on this domain.
And with CSRF concerns or click-jacking, the keys are stored as NOT exportable. So if a site did click jack and attempted to export the keys, they would not export.

Try it for free!