Encrypted chat - help page

How it works?

Unlike traditional so-called "secure chats" where only the connection is secured between the browser and the server, thus on server side all messages can be readed and logged in plain text format, encrypted chat approaches the problem from a different perspective: it encrypts the messages itself before they leave the browser's frontend utilizing the AES-256 algorithm with a secret password specified by the user.

With this simple, but unquestionably most effective solution decryption of any message is only possible with the knowledge of the passphrase given at the inital encryption stage. So there is no need to secure the connection, messages travels in their Crypted form inside the entire pipeline. On server side there is no known solution to break that cipher in a reasonable time, so the conversations remains private between the participants who joined a room with the same password.

Common mistake belief

Most people thinks that if a website uses a HTTPS connection (especially with the green address bar) then their "typed-in" informations are transmitted and stored securely. This is only partially true. The transmission is crypted well, so no third party can sniff those informations, but there is no proof that the website owners will handle them with maximum care, not mentioning that the suitable laws can enforce anyone to serve stored data for the local authorities.

Overall, this means that if anyone uses a chat service with similar security technology, the conversiation will be visible for the participants and (at least) for the website owners. That case is probably not acceptable in every situation, especially where mission critical informations have to be exchanged.

Perfect solution

Encrypted chat's unique encryption feature ensures that only and exclusively the participants of a room with a shared password are able to read each others messages. More precisely, anyone else who may acquires the conversation without the knowledge of the password won't be able to decode it. Crypted are loggin names and text chat content.

Program control

All this is without registration! The connection is uniquely defined by the room and password. In other words, everybody must enter same room and password, if you want to see counterparty in chat. Username used only for identify the chated person.

Use secret password

Make sure you use different passwords for each of your accounts. Be sure no one watches when you enter your password. Always log off if you leave your device and anyone is around—it only takes a moment for someone to steal or change the password.

Use comprehensive security software and keep it up to date to avoid keyloggers (keystroke loggers) and other malware. Avoid entering passwords on computers you don’t control (like computers at an Internet café or library)—they may have malware that steals your passwords. Don’t tell anyone your password. Your trusted friend now might not be your friend in the future. Keep your passwords safe by keeping them to yourself.

Depending on the sensitivity of the information being protected, you should change your passwords periodically, and avoid reusing a password for at least one year. Do use at least eight characters of lowercase and uppercase letters, numbers, and symbols in your password. Remember, the more the merrier.

Strong passwords are easy to remember but hard to guess. Iam:)2b29! — This has 10 characters and says “I am happy to be 29!” I wish. Use the keyboard as a palette to create shapes. %tgbHU8*- Follow that on the keyboard. It’s a V. The letter V starting with any of the top keys. To change these periodically, you can slide them across the keyboard. Use W if you are feeling all crazy. Have fun with known short codes or sentences or phrases. 2B-or-Not_2b? —This one says “To be or not to be?”

It’s okay to write down your passwords, just keep them away from your computer and mixed in with other numbers and letters so it’s not apparent that it’s a password. Check your password strength. If the site you are signing up for offers a password strength analyzer, pay attention to it and heed its advice.

You can also write a “tip sheet” which will give you a clue to remember your password, but doesn’t actually contain your password on it. For example, in the example above, your “tip sheet” might read “To be, or not to be?”