iPassVault web service
How to Use the Secret String Storage System - Web Page Guide
Introduction:
The Secret String Storage System is designed for securely saving and sharing confidential strings among selected groups. Here's how to use the web page:
Step-by-Step Guide:
1. Accessing the System:
- Navigate to the Secret String Storage website.
- On the homepage, you will find a field to enter your email.
- Input your email address and click on the "Sign In" button.
2. Email Verification:
- After clicking "Sign In", check your email inbox for a new message from Secret String Storage.
- Open the email and click on the provided sign-in URL. This will verify your email and grant you access to the system.
3. Adding a New Group:
- In the "Groups" column, locate the form with the label "Enter groupname to add."
- Enter the desired group name in the input field.
- Click the "Add" button to create the group.
- Once created, the group name will appear as a link below the form.
4. Adding a Member to a Group:
- Before adding members, ensure you have selected a group.
- In the "Members" column, find the form labeled "Enter email to add."
- Input the email address of the individual you want to add to the group.
- Click the "Add" button.
5. Storing a Secret String:
- In the "Secrets" column, there's a form labeled "Enter secret to add."
- Type in the confidential string you wish to save in the input field.
- Click the "Add" button to store the secret.
- Copy the documentation provided to you, or send it to whoever needs access to the secret.
6. Retrieving a Secret String:
- Below the table, you'll see a form with the label "Enter key to review password."
- Enter the key associated with the confidential string you previously saved.
- Click the "Get" button.
- The system will then display the confidential string linked with the provided key. (Note: The provided source does not show the display mechanism, so this step is based on the previous information.)
Important Notes:
- Always save or note down your retrieval key immediately after storing a secret. If you lose this key, you cannot recover the associated secret.
- Do not share your retrieval key. It grants access to the confidential string.
- Regularly review your groups and ensure only trusted individuals have access.
- And just to make it clear! - We cannot help you retrieve the secrets, as you have the only copy of the retrieval key.
- The secrets are encrypted using the retrieval key and stored in a file named after the SHA-256 hash of the retrieval key.
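The storage scheme described in these notes (secret encrypted under the retrieval key, file named after the SHA-256 hash of that key) together with the per-secret signature mentioned under "Layered Protection" below, as an added Go example written for this guide; it is illustrative code, not iPassVault's own implementation. It assumes an in-memory map in place of the server's files, AES-256-GCM as the cipher (the page names neither a cipher nor a key-derivation step), and derives the encryption key under a separate label from the one used for the file name.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Vault stands in for the server-side file store (assumption: an in-memory map).
// Files maps a file name to the sealed blob: nonce || ciphertext || GCM tag.
type Vault struct {
	Files map[string][]byte
}

func NewVault() *Vault { return &Vault{Files: map[string][]byte{}} }

// FileNameFor names the file after the SHA-256 hash of the retrieval key, as the
// notes describe, so the server can find a secret without ever holding the key.
func FileNameFor(retrievalKey []byte) string {
	sum := sha256.Sum256(retrievalKey)
	return hex.EncodeToString(sum[:]) + ".enc"
}

// encKeyFor derives the AES-256 key from the retrieval key under its own label
// (assumption: the page does not say how the key is derived). A different label
// keeps the file name, visible to anyone who can list the store, from doubling
// as the decryption key.
func encKeyFor(retrievalKey []byte) []byte {
	h := sha256.New()
	h.Write([]byte("secret-store/enc-key/v1\x00"))
	h.Write(retrievalKey)
	return h.Sum(nil)
}

func aeadFor(retrievalKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(encKeyFor(retrievalKey))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Store seals the secret under a fresh 256-bit retrieval key and returns that key
// (hex) for the user; the server keeps only the sealed blob under the hashed name.
func (v *Vault) Store(secret []byte) (string, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return "", err
	}
	aead, err := aeadFor(key)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	// The GCM tag is the per-secret "signature"; binding the file name in as
	// associated data also rejects a blob that was copied under another name.
	name := FileNameFor(key)
	v.Files[name] = aead.Seal(nonce, nonce, secret, []byte(name))
	return hex.EncodeToString(key), nil
}

// Retrieve recomputes the file name from the key and opens the blob. A wrong key
// maps to a missing file, and any modified byte fails the tag check, so the
// caller gets an error rather than garbage plaintext.
func (v *Vault) Retrieve(keyHex string) ([]byte, error) {
	key, err := hex.DecodeString(keyHex)
	if err != nil {
		return nil, err
	}
	name := FileNameFor(key)
	blob, ok := v.Files[name]
	if !ok {
		return nil, errors.New("no secret stored under this key")
	}
	aead, err := aeadFor(key)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(blob) < ns {
		return nil, errors.New("stored blob too short")
	}
	return aead.Open(nil, blob[:ns], blob[ns:], []byte(name))
}

func main() {
	v := NewVault()
	// Constructed sample secret; nothing here comes from a real deployment.
	key, err := v.Store([]byte("db password: hunter2"))
	if err != nil {
		panic(err)
	}
	keyBytes, _ := hex.DecodeString(key)
	fmt.Println("retrieval key (hand to the user, never stored):", key)
	fmt.Println("file name on the server:", FileNameFor(keyBytes))
	secret, err := v.Retrieve(key)
	fmt.Printf("retrieved: %q (err=%v)\n", secret, err)
}
```

The point of the separate derivation label is the check a reviewer would make of any "file named after the hash of the key" design: if the encryption key were simply the same hash, the directory listing itself would be a list of decryption keys, and the "split security" described below would collapse to a single part held by the server.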
How Your Secrets Are Protected:
- Split Security:
Your encrypted secrets are divided into two parts. We store one part in our system, while the other part, the decryption key, remains exclusively with you in a separate system. Think of it as a safety deposit box that needs two unique keys to open: we hold one, and you hold the other. Even if someone gets their hands on the box, they can't open it without your unique key.
- No Access without Both Parts:
The real value of your secrets can only be retrieved when both parts come together. This ensures that even if an unauthorized person gains access to our system, your secrets remain safe and encrypted because they won't have the decryption key that's with you.
- Layered Protection:
To add an additional layer of protection, every secret is paired with a unique signature. This signature ensures that the data has not been tampered with, guaranteeing its authenticity.
- Remote Access Restrictions:
For added safety, we monitor and validate the source of incoming requests. This means that even if someone manages to get your login details, they cannot access your secrets unless they are logging in from your recognized location.
- Regular Monitoring & Cleanup:
Our system regularly checks the activity of online sessions. If a session remains inactive for an extended period, it's automatically ended to prevent unauthorized access.
- Email Verifications:
Before communicating any information over email, we ensure the legitimacy of the email address. Only email addresses with valid structures and genuine domains (that have mail servers) are considered for sending information.
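The two email checks this item names (a syntactically valid address, and a domain that actually has a mail server), as an added Go example written for this guide rather than iPassVault's own code. It assumes an injectable MX lookup: production would pass net.LookupMX, while the constructed table below lets the check run offline; rejecting IP-literal domains and refusing to fall back to an A record when no MX exists are design choices of this example, not rules stated on the page.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/mail"
	"strings"
)

// MXLookup resolves a domain's mail exchangers. Production code passes
// net.LookupMX; CannedLookup below stands in for DNS so the example runs offline.
type MXLookup func(domain string) ([]*net.MX, error)

// ValidateRecipient applies both checks the notes mention: the address must
// parse (RFC 5322 syntax via net/mail) and its domain must advertise a mail
// server. It returns the normalized address to send to, or the reason for rejection.
func ValidateRecipient(raw string, lookup MXLookup) (string, error) {
	a, err := mail.ParseAddress(raw) // also strips a display name: "Bob <bob@x>"
	if err != nil {
		return "", fmt.Errorf("malformed address: %w", err)
	}
	at := strings.LastIndex(a.Address, "@")
	if at <= 0 || at == len(a.Address)-1 {
		return "", errors.New("address needs a local part and a domain")
	}
	local := a.Address[:at]
	domain := strings.ToLower(strings.TrimSuffix(a.Address[at+1:], "."))
	if strings.HasPrefix(domain, "[") {
		// Design choice of this example: no IP-literal domains such as [192.0.2.1].
		return "", errors.New("IP-literal domains are not accepted")
	}
	mxs, err := lookup(domain)
	if err != nil || len(mxs) == 0 {
		// Design choice: no fallback to an A record, since the notes require a mail server.
		return "", fmt.Errorf("no mail server found for %s", domain)
	}
	// A single record whose host is "." is a Null MX (RFC 7505): the domain
	// states explicitly that it never accepts mail.
	if len(mxs) == 1 && mxs[0].Host == "." {
		return "", fmt.Errorf("%s declares that it does not accept mail", domain)
	}
	return local + "@" + domain, nil
}

// CannedLookup is a constructed table standing in for DNS (not real records).
var CannedLookup MXLookup = func(domain string) ([]*net.MX, error) {
	switch domain {
	case "example.com":
		return []*net.MX{{Host: "mx1.example.com.", Pref: 10}, {Host: "mx2.example.com.", Pref: 20}}, nil
	case "nomail.example":
		return []*net.MX{{Host: ".", Pref: 0}}, nil
	}
	return nil, errors.New("NXDOMAIN")
}

func main() {
	inputs := []string{"Alice <Alice@Example.COM>", "bob@nomail.example", "carol@unknown.test", "not-an-address"}
	for _, in := range inputs {
		addr, err := ValidateRecipient(in, CannedLookup)
		if err != nil {
			fmt.Printf("%-28q rejected: %v\n", in, err)
			continue
		}
		fmt.Printf("%-28q accepted as %s\n", in, addr)
	}
}
```

Keeping the resolver injectable is what makes the rule testable without network access; the same function runs unchanged in production with net.LookupMX, and the Null MX case is worth handling because such a domain resolves successfully yet can never receive the sign-in email.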