Hacker News new | past | comments | ask | show | jobs | submit login

The end to end encryption necessitates a hard to remember uri anyway, so I don't think you can have both "secure" and "memorable".





Yeah; ID length was definitely another challenge. Time-expiration helped, but. I was going with 6 digits as a middle ground but it wasn't super secure, even if an upload expired after a few minutes. And of course there was no way for the user to know for sure that I couldn't keep around a copy without the E2E.

Theoretically, yes. But they could also derive keys from a shorter password value -- like password managers.



Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: