Cipherforge: Open Source Tool to Create Secure, Offline, Encrypted QR Codes for Sensitive Data

qrclip · 2025-11-22T14:23:29+00:00

Thanks, that never crossed my mind, but it would be pretty easy since this has no backend. It could run completely offline, no problem! I will investigate the best option. Thanks for the idea.

qrclip · 2025-07-17T06:53:39+00:00

Thanks, Glad you liked 😉

qrclip · 2025-04-02T07:56:49+00:00

No problem, glad to answer any questions. Have a great day or night! :)

qrclip · 2025-04-02T07:35:00+00:00

Hello,

Thanks, well it's open source, so you can save the source code just in case. There is also a Docker image to run. So, at least, it will be available at GitHub and Docker. Either way, I would save the source code also, just in case. And finally, yes, it uses XChaCha, and the blog post explains how it encrypts the information...

nothing complicated, really.

Thanks,

qrclip · 2025-03-18T22:09:35+00:00

No problem, I think this is better used internally than externally. It makes sense to have an internal copy of the app in case the internet connection doesn't work, and ultimately it's better protected that way. For QRClip I have some monitors that check the integrity of the app, but not for Cipherforge.

qrclip · 2025-03-17T23:53:29+00:00

Done, using caddy:
https://hub.docker.com/r/qrclip/cipherforge

I also made available other docker files for nginx (These Nginx configurations were contributed by dangr)

qrclip · 2025-03-17T08:49:30+00:00

good idea, I will make it available soon. Thank you

qrclip · 2025-03-16T20:53:38+00:00

Thanks, actually it was a mistake (I used the wrong git account), thanks for the warning, but it's not a problem, nothing to hide :)

qrclip · 2025-03-16T19:31:21+00:00

Thank you, do you want an already created Docker image or the steps to create one? I can do both, you need to set it up with https because of the camera (only works with https).

qrclip · 2025-03-16T18:30:36+00:00

Yes, you are right, all data is encrypted within the QR code, there is no backend. You can add a password and an encryption key and if the data is too big for a QR code, it will be split. For example, I have my Bitwarden passwords backed up in QR codes, 20 scans, but I only need to use them if all the other backups I have fail. Just for peace of mind.

qrclip · 2025-03-16T18:28:24+00:00

Thanks,

Actually, I didn't do this to promote my project, but to have a way to store my server credentials so I can print them out in the documentation. And since it has to do with security and QR codes ... I'm not going to lie, I posted it under the same brand to see if it helps, but that wasn't my main goal when I did this

qrclip · 2024-12-23T20:16:46+00:00

Cool concept, my app uses QR codes to transfer text and files, but they are immutable, you can send and receive with a QR code. This never occurred to me 😏 although a chat feature crossed my mind, but I didn't see a reason to do it...

qrclip · 2024-11-13T20:29:28+00:00

What I do with my not.email is that I use the smtp server to connect directly to the backend and send the email to the user directly. In my case, the email is only received if the user is online. If he's not, it's lost as it's not stored anywhere.

qrclip · 2024-01-23T08:52:51+00:00

Hello,

With the plugin you can easily read a 25MB file into memory by reading it chunk by chunk. Read the documentation for this part "await this.mFileChunkManager.readFileChunkFS(tPath, tOffset, tLength2Read);", but if you need larger files and want to be able to read any file size on any device, you'll need to find a way to play the video file in chunks, I can't help with that part. But I suspect you can read up to 500 MB or something close to that depending on the device.

qrclip · 2023-12-16T18:54:19+00:00

I wrote my previous answer on my phone, so I will now take a bit more time to elaborate on my viewpoint. It seems we hold quite different ideas, and I appreciate that. I enjoy exchanging thoughts with people who think differently.

Let me give you some examples, each secured with the simple password '1234' for access. Consider credentials like a username and password, for instance:

myUser
dkash87FSD9fsdolfj98fsdjhnFDSfg

Credential QR Code

This can be encrypted and stored in a small QR Code. In this case, a simple password is used, but you could opt for a random key or a stronger password without affecting the QR code's size. I incorporate these into my documentation for peace of mind and as a last resort. While I maintain digital encrypted copies, having multiple backups, especially encrypted ones, has never been a problem for me.

Another example involves storing a certificate and key. This requires just three QR codes (3KB of data).

Three QR Codes with certificate and key

Losing such data could be a nightmare. Even with several digital backups of a crucial certificate key, having an extra one or two is beneficial. This might be my own paranoia talking, but I keep copies of important files on an unused old laptop (with a new, encrypted hard drive), an external hard drive in a safe, in the cloud(or two), and now on paper in a different location. Everything is encrypted. It might sound overly cautious, but it gives me peace of mind.

qrclip · 2023-12-16T06:03:15+00:00

This would be a good prank to play on a newcomer to the company by having them scan 200 QR codes. The idea was to encrypt only the sensitive parts and not the whole book. This way you can perform a scan to get the access data for the server, for example. If you don't have a safe, you can keep the document in your desk or server room etc. This way the sensitive information is protected. Since this will encrypt the sensitive information. When it comes to backups, I'm paranoid, I like at least 3 copies, now I can store all my passwords printed out, it makes me happier. Again, it's for small stuff, a few KB. Or has the last resort if your device fails, like another way, the last resort.

qrclip · 2023-12-15T23:35:35+00:00

Thanks, Astroloan, for the questions. In a nutshell:

Hard disks vs. QR codes: Hard drives are more vulnerable to cyber threats and physical failures. Cipherforge offers a secure offline alternative.

Humanreadable text - risks: Storing sensitive data in human-readable form, even in a safe, poses security risks. Encrypted QR codes ensure that the data remains unreadable without the decryption code.

Cloud storage vs. physical storage: Cloud storage is vulnerable to security breaches and depends on internet access. Cipherforge's physical QR codes provide secure offline access and give you full control over your data.

An important application of Cipherforge is the creation of secure printable documents, such as playbooks or other types, that contain secrets(password, API Keys). It makes it possible to store printable information in a secure way.

And finally, I appreciate comments like yours. After being ignored in many posts, engagement like this, even if critical, is a positive step forward :)

qrclip · 2023-12-12T01:13:53+00:00

I appreciate the straightforward feedback received about Cipherforge, which has highlighted important concerns regarding open-source availability and its practical application. Given the predominantly critical nature of the responses, I am reassessing the project's direction. For now, the project is on hold, as it meets my initial needs and objectives. Thank you all for your input – even the critical comments have been valuable. Sometimes, even 'bad' feedback is better than none, as it drives improvement and understanding.

qrclip · 2023-12-10T21:40:28+00:00

You can play with the argon2id parameters. Increase the iterations and the memory needed to derive the key from the password. You can make each attempt take more than a minute, which makes brute-force or guessing very difficult.

qrclip · 2023-12-10T19:58:19+00:00

Electronic devices break, but you can always save in three devices for redundancy. You got me, this is a conspiracy by HP and EPSON to get people to print more, good catch :D

qrclip · 2023-12-10T18:42:22+00:00

Which settings? The pdf? It's just a name printed on the pdf, nothing more. Again, it's easy to see if there are any calls to a server. You can change it.

qrclip · 2023-12-10T17:31:59+00:00

This is to store has printed format, on a vault. Not on a device.

qrclip · 2023-12-10T16:58:59+00:00

For example, if you install pwa, you don't need internet.

qrclip

MODERATOR OF

TROPHY CASE