An easy and secure way to exchange passwords and other secrets
Exchanging passwords via email is still the norm in many
enterprises. This is highly risky for several reasons:
Emails are usually not end-to-end encrypted, except if you have
manually set up certificates.
Lots of times, emails are not even encrypted in transit (between
the sending and receiving email server), so the communication is
easily hijacked by an attacker.
Emails stay around forever. Even when you think you delete them,
they often just end up in an "archive" and are still readable to
anyone who gains access to your account.
This project tries to get rid of this insecure habit by providing an
easier, more secure way to exchange secret information.
There are some existing alternatives that work in a similar manner,
but do not provide the same rich
security feature set.