StatiCrypt uses AES-256 with WebCrypto to encrypt your html string with your long password, in your browser (client side).
Download your encrypted string in a HTML page with a password prompt you can upload anywhere (see example).
The tool is also available as a CLI on NPM and is open source on GitHub.
Disclaimer if you are an at-risk activist, or have extra sensitive banking data, you should probably use something else!
StatiCrypt generates a static, password protected page that can be decrypted in-browser: just send or upload the generated page to a place serving static content (github pages, for example) and you're done: the javascript will prompt users for password, decrypt the page and load your HTML.
The page is encrypted with AES-256 in CBC mode (see why this mode is appropriate for StatiCrypt in #19). The password is hashed with PBKDF2 (599k iterations with SHA-256, plus 1k with SHA-1 for legacy reasons (see #159), for the added recommended total of 600k) and used to encrypt the page.
It basically encrypts your page and puts everything with a user-friendly way to use a
password in the new file. AES-256 is state of the art but
brute-force/dictionary attacks would be easy to do at a really fast pace: use a long,
unusual password!
=> To be safe, we recommend 16+ alphanum characters, and using a password manager like the
open-source Bitwarden.
Feel free to contribute or report any thought to the GitHub project.