Skip to main content
Feature

Password-protected file sharing

Add a password to any share and even a leaked link stays locked. SealFile derives the key from your password with Argon2id — so the password, not us, controls access.

How password protection works

When you choose a password mode, SealFile doesn't send your password anywhere. Instead, your browser runs it through Argon2id — a slow, memory-hard function designed to make guessing expensive — to derive a wrapping key. That key encrypts the file's actual encryption key using AES-KW.

The server stores only the wrapped key and the Argon2 salt. To open the share, your recipient re-enters the password, re-derives the same key in their browser, and unwraps it locally. The password never touches our servers.

Pick the protection that fits

Password protection pairs with SealFile's zero-knowledge encryption — it adds a layer, it doesn't replace it. For the strongest setup, use link + password and deliver each part over a different channel.

Argon2id key derivation

Passwords are stretched with Argon2id (64 MB memory, 3 iterations) to resist brute-force and GPU attacks.

Three sharing modes

Link-only, password-protected, or link + password — choose how much friction and security you want.

A real second factor

Split the secret so a leaked link still can't open your files without the password.

Built-in strength meter

A password generator and live strength meter help you pick something hard to guess.

Frequently asked questions

How does password protection work?

Your password is run through Argon2id, a slow, memory-hard key-derivation function, to produce a wrapping key. That key encrypts (wraps) the file's encryption key. Without the password, the wrapped key can't be opened — and the password is never sent to us.

What's the difference between the three modes?

Link-only puts the key in the link fragment. Password mode protects the key with your password instead. Link + password splits the secret across both — the recipient needs the link and the password, giving you the strongest protection.

What if someone intercepts the link?

In password or link + password mode, the link alone is useless. An attacker would also need the password, which you can share over a separate channel (say, the link by email and the password by text).

Can SealFile reset or recover a password?

No. We never receive your password and can't derive the key without it. If the password is lost, the files cannot be decrypted by anyone, including us.

Lock your next share with a password

Free on every tier — no account, no setup, just a stronger share.