Entropy Keycrypt


Online Document Vaults

No single tool is appropriate for all tasks. Please consider your requirements and select accordingly. For long term, completely offline, robust, and user friendly storage of valuable static secrets, Entropy is generally the better choice.

Apple Family Passwords
Apple Family Passwords is a recently added feature to Safari on macOS Sonoma where you may share website login details with family members. Each family member has the ability to use, add, or edit passwords. It appears to be a handy solution for sharing access to low value data, like your Netflix, Kindle, and so on. It is not currently well suited to sharing high value offline data, where access is undesirable until after your death or incapacitation.

SLIP-0039 is only suitable for reconstructing a supported cryptocurrency wallet. The encryption scheme is based on a four round fiestel network. Entropy can be used to reconstruct any secret, including any cryptocurrency wallet that uses the standard BIP wordlist. Entropy is designed with great care for ease of use, even for people who may not be well versed in technical matters. Do your loved ones or associates understand the difference between the SLIP derivation paths m/44'/501'/0'/0' and m/44'/60'/0'/0/1? If SLIP-0039 suits your use case then please consider it but in our view, for most people Entropy is a more robust and user friendly solution.

Any Online Secure Document Vault
Online `secure document vaults' purport to facilitate posthumous access to important files, but this convenience comes with several security drawbacks. Intrinsically, these services hold a copy of your encryption key, creating a potential security risk. This arrangement allows not only the service provider but also potential hackers who breach the system to access your stored data. Some platforms may tout features like key splitting or partial key sharing as added security measures. However, this is often a moot point, as the service at some juncture has full access to all necessary key shares to reconstruct the secret. Additionally, while some services offer browser-side encryption via JavaScript as an extra security layer, this approach is fraught with its own set of vulnerabilities, including susceptibility to cross-site scripting attacks and browser-specific security flaws. In summary, these vaults may seem convenient but frequently compromise robust security and confidentiality.

A more secure alternative to any online vault might be to configure your existing Apple ID with a Legacy Contact, then encrypt the data you upload to iCloud with a secure passphrase using any number of 3rd party tools that run locally on your computer. Once encrypted and uploaded, use Entropy to create and distribute shares of your encryption passphrase. Configuring iCloud with Legacy Access in this way enforces a logical and physical seperation between your data, the encryption key, and the encryption process. This way you ensure there is no single point outside of your control capable of fully accessing your secured information.

Next: Third party disclaimer