Step 1: enter password here. Minimum 12 characters, though longer is better.



Q: What is this and why is it here?
A: It's an easy way to encrypt a file with a password and decrypt it later. I wrote the desktop version out of frustration that there was no simple, portable, safe way to protect a file with a password. I wanted to make a mobile version but writing apps was a hassle and distributing this as a small static website is much more pleasant than paying Apple $100/year for a developer account and dealing with app stores. This version is interoperable with the desktop version.

Q: How do I encrypt multiple files under the same password?
A: Put them in a .zip first then encrypt that. iOS does this natively, but for Android you'll need a third-party app.

Q: What happens to my data?
A: Nothing you encrypt or decrypt with Cloaker is sent anywhere. Everything is done on your device, by your browser, with JavaScript and WebAssembly. This page is just static HTML/CSS/JS served by GitHub, so they likely collect some metadata about visits (see their privacy policy), but I do not.

Q: Did you write the crypto, you fool? Where's the code?
A: No, Cloaker just uses the pwhash and secretstream APIs from libsodium.js. Code is here.

Q: How large of a file can I encrypt/decrypt?
A: Depends how much RAM is in your device. Cloaker has to keep the file in memory in until you navigate away from the page, so it does not work for large files on phones. (Come on, FileSystemWritableFileStream! The streamsaver library can stream downloads from JS but uses service workers and I didn't want to go that way.) If you have a computer, use Cloaker which is faster, handles arbitrarily large files, and has cross-platform GUI and CLI versions.

Q: How does it encrypt/decrypt in a long-running operation without interrupting the UI?
A: Web workers!