Passphrase.io – A Social Experiment With Lots of Potential
Storing sensitive data in a secure and safe environment is not an easy task to accomplish for most people. Even though there are multiple guides on the internet of how to store data, and even encrypt if needed, doing so is still a hassle for most people. After all, our society values convenience above anything else, even if it goes at the cost of security.
On top of that, even if a user manages to create a backup of their sensitive data, there is still the question of what type of media to use. Storing a text file with passwords in the cloud is not the best of ideas, and physical storage is subject to wear and tear. Plus, there is always the potential of physical storage being stolen or tossed away on accident. Alternative solutions have to be created, and that is exactly what Passphrase.io aims to do.
The way Passphrase.io works is rather simple: open up the website, enter your passphrase and type the text you want to save in the notepad. It is important to remember the passphrase you entered at the beginning, as this “token” will be used to authenticate access to your notepad in the future. Rather than forcing users to create an account, a passphrase provides a more user-friendly authentication procedure for users.
Creating a passphrase may seem easy at first, but don’t be fooled by the platform’s simplicity. It is imperative to create a strong and lengthy passphrase. In fact, using shorter sentences, or combinations that can be gathered from games, music, movie or tv shows, have a higher chance of “being stumbled upon” by malicious individuals.
As soon as such a service launches, there is the unavoidable question of how secure a platform like Passphrase.io is. According to the developers, all of the information is encrypted in the user’s browser, making it impossible to see plain text notepad content or passphrases. Once you click “Save” in your notepad, all data is encrypted with AES-256, after which an SHA-256 hash is run on the user’s passphrase.
And this is where things draw a major parallel to Bitcoin’s ideology. Similar to how Bitcoin users need to remember their private key in order to access funds, Passphrase.io users need to keep their passphrase safe at all times. There is no recovery for a Bitcoin wallet when you lose the private key, and there is no recovery process for Passphrase.io either.
Last but not last, the encrypted passphrase and hash are stored on servers controlled by the Passphrase.io team. Considering both these key elements are encrypted, the Passphrase.io staff will never be able to determine your passphrase, nor your notepad content. And with no data being stored in your browser after closing the website, there is no trace left behind of what you entered.
Potential Use Cases For Passphrase.io
As good as all of the above may sound, there is no guarantee that consumers will start using Passphrase.io en masse. But there are some potential use cases for such a service at this time. Storing sensitive passwords, or even an important piece of text on Passphrase.io, rather than unencrypted in the cloud, are just two simple examples.
Perhaps the most interesting sue cases for Passphrase.io comes in the form of its “social experiment” aspect. Because there are no logins to meddle with, it won’t take until malicious individuals try to start guessing passphrases in order to see what kind of data is being stored in people’s notepads. Should this be the case, it will also provide a proper test to see how serious consumers are taking security when it comes to sensitive data.