I built this because I kept running into situations where I needed to share sensitive URLs (private docs, beta links, etc.) but didn't want to trust a third-party service with the data.
How it works: - Client-side AES-256-GCM encryption using Web Crypto API - Your password and original URL are encrypted in the browser before storage - Zero-knowledge architecture - None can decrypt links without the password - except someone manages to break AES-256 :0 - Pure frontend (React + TypeScript), no backend database
The key insight: by doing encryption client-side, the server never sees your plaintext password or URL. It's architecturally impossible to decrypt without the password.
Use cases I've found helpful: - Sharing private Google Drive/Dropbox links - Distributing beta access URLs - Sending confidential resources to specific people
Tech details: - Encryption happens entirely in browser via Web Crypto API - No authentication or user accounts needed - Encrypted payload stored with URL hash fragment - Password never transmitted to server
Would love feedback from the community, especially on: - Security considerations I might have missed - UX improvements - Additional features that would be useful
Happy to answer any technical questions! connect w/ me on connect@pagelock.top