passwd.io does only one thing, but it tries to do it well. It allows you to store your confidential data (e.g. passwords, online banking credentials, etc.) online in a secure manner, but without the need to register, or to download an application.
This allows you to have your data with you at all times and wherever you are, without any setup steps - as long as you have internet access, you will be able to securely access your data.
The important thing is that your data is yours, and yours only. The information transmitted to the passwd.io servers is already encrypted - none of your confidential data is known to us, not your passphrase, not your content, not even your mail address.
This works because the passwd.io servers are just a "dumb" data store - encryption happens on the client, in your web browser. For this, passwd.io uses AES encryption and PBKDF2 hashing, two very secure crypto algorithms.
You start by entering your mail address and a passphrase. Both are hashed and sent to the server - this way, passwd.io is able to authenticate you, without the need to know what your mail address and passphrase actually are. Only the hashes are received by the server.
The cleartext passphrase is then used to encrypt your confidential data on the client - thus, only encrypted data is transferred.
As a result, the passwd.io server knows your hashed mail address, your hashed passphrase, and your encrypted data. This way, we are completely unable to decrypt your data, because to do so, the unhashed passphrase is needed, which is never sent over the wire.
When you access your data, again only the hashes are sent to the servers, and are used to find your encrypted data - which is then sent to your browser where it is decrypted locally by using your cleartext passphrase.
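The flow described above, as an added sketch that is not passwd.io's own client code: Node's crypto module stands in for the browser, and the salts, iteration count, AES-256-GCM mode, record fields and function names are assumptions made for illustration.

```javascript
// Added sketch, not passwd.io's code. Salts, iteration count, AES-256-GCM and
// the record layout are assumptions made for illustration.
const crypto = require("node:crypto");

const ITERATIONS = 100000; // assumed PBKDF2 work factor
const kdf = (secret, salt) =>
  crypto.pbkdf2Sync(secret, salt, ITERATIONS, 32, "sha256");
const hex = (buf) => buf.toString("hex");
const sameHash = (a, b) =>
  crypto.timingSafeEqual(Buffer.from(a, "hex"), Buffer.from(b, "hex"));

// Client: returns exactly what goes over the wire (hashes and ciphertext).
function clientSeal(email, passphrase, plaintext) {
  const iv = crypto.randomBytes(12); // fresh nonce for every encryption
  // Distinct salts keep the hash the server sees different from the AES key.
  const key = kdf(passphrase, "enc:" + email);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return {
    // Fixed salt: the same address must always map to the same record.
    emailHash: hex(kdf(email, "lookup")),
    authHash: hex(kdf(passphrase, "auth:" + email)),
    iv: hex(iv), tag: hex(cipher.getAuthTag()), ct: hex(ct),
  };
}

// Client: decrypts locally; throws if the passphrase or the record is wrong.
function clientOpen(email, passphrase, rec) {
  const key = kdf(passphrase, "enc:" + email);
  const d = crypto.createDecipheriv("aes-256-gcm", key, Buffer.from(rec.iv, "hex"));
  d.setAuthTag(Buffer.from(rec.tag, "hex"));
  const pt = Buffer.concat([d.update(Buffer.from(rec.ct, "hex")), d.final()]);
  return pt.toString("utf8");
}

// Server: a "dumb" store that only compares hashes and returns blobs.
const store = new Map();
function serverPut(rec) {
  const cur = store.get(rec.emailHash);
  if (cur && !sameHash(cur.authHash, rec.authHash)) return false; // address already claimed
  store.set(rec.emailHash, rec);
  return true;
}
function serverGet(emailHash, authHash) {
  const cur = store.get(emailHash);
  return cur && sameHash(cur.authHash, authHash) ? cur : null;
}
```

In this sketch the stored record is all an attacker holding the server data can test passphrase guesses against, which is why the passphrase length recommended on this page matters.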
Because no registration is needed, it's possible for someone else to use your mail address for storing data. This is not dangerous, because none of this data is ever transmitted or stored in the clear. It would, however, stop you from using your own mail address, because it's already taken - but there is a simple and secure solution.
All you need to do is to use the account recovery function - you provide your mail address - which in this single case actually needs to be sent to our servers in the clear. We then generate a one-time token for the account that was created using your address, and send this token to your mail address.
Because you are the actual, valid owner of this mail address, only you are able to receive the token. You can then use it to completely delete the account and data stored for your mail address. You are then able to create a new account with your mail address.
We are currently working on a fully automated recovery function. During the passwd.io beta, please just send an email to firstname.lastname@example.org, and we will take care of everything.
What could possibly go wrong? Here is a list:
Someone is eavesdropping on your connection, reading the information you send to and receive from the server.
This isn't dangerous, because only hashed and encrypted data is sent over the wire, which is extremely hard for an attacker to break. As long as you choose a strong passphrase, your data is secure.
Nevertheless, passwd.io runs over an encrypted TLS connection, which makes eavesdropping very difficult.
Someone breaks into the passwd.io servers and steals all data and code.
This isn't dangerous, because again, the attacker only gains access to encrypted and hashed data. He does not gain access to your mail address or passphrase, and, as long as you choose a strong passphrase, won't be able to decrypt your confidential data.
Nevertheless, we take a lot of precautions to make sure that our servers are protected against unauthorized access.
Even if you want to, you can't use passwd.io over a non-encrypted connection - usage of a TLS encrypted HTTPS connection is enforced.
Secure passphrases only
The weakest point in passwd.io security is the passphrase you choose. We therefore strongly recommend using strong passphrases, i.e., strings which are at least 24 characters long. While this might sound impossible to memorize, it is in fact very simple - read more about that here.
Publicly available code
The client code of passwd.io, where hashing and encryption take place, is publicly available under a standardized open source license. Anyone, including you, can peer review the code for potential security weaknesses. Just visit https://github.com/manuelkiessling/passwd.io to access the source code.