1.) Register
Register an account here. You can optionally deposit an e-mail address, which is only used for account recovery. Choose a password as safe as possible (use lower- and uppercase letters, numbers and special characters). Choose an user-ID, which must be 8 characters in length (only uppercase letters and numbers). The user-ID must be unique. Click on the wheel on the right to choose a random user-ID.
Choose your preferred payment module. Choose your preferred payment method. Read and accept our Terms and Conditions. Click on the captcha field to obtain a captcha. Solve the captcha; if you cannot read it, click on the field again to get another one.
Finally click on the register button.
2.) Pay
On the next page you find the needed information to conduct your payment with your chosen method. Be advised, that dependant on your method the payment may need up to a few days for us to receive.
After we will have received your payment, we will activate your account within 24 hours.
If you need to see our payment information again, go to the start page and try to log into your account. You will see the confirmation page again.
3.) Log in
On the start page, type in your user-ID and your password. Click on the login button or press the Enter key on your keyboard. If you have forgotten your password you can request a new one here. Be advised, that you only can request a new password, if you have deposited an e-mail address in your account.
4.) Request new password
On the start page click on 'forgot password?'. On the next page, enter user user-ID and the e-mail address you deposited with your account. If you have not deposited any e-mail address with your account, you cannot recover your account. Click on the captcha field to obtain a captcha. Then solve it; if you cannot read it, click on the field again to get a new one.
Finally click on the 'Send a new password' button. You will then receive an e-mail from us with a new password for your account. Check your e-mail inbox; if there is no e-mail from us, also check your spam folder.
5.) Generate a key
To establish a secure communication with your peer, you or your peer need/s to generate and share a key. (Attention! Keys are for single use only! Don't use the same key more than once or with more than one peer!) Go to the 'Key generator' box and choose a name for the key you want to generate. The key name must be unique and 8 upper-case letters and/or numbers. Then choose the size of the key. For messaging purpose we recommend a maximum size of 262.144 bytes (equals aprox. to 130 book sites of text). Be advised, that the maximum key size you can create, may be dependant on your device's available RAM.
Finally, click on 'Generate'. If the error occurs, that the name is already taken, change the name and click 'Generate' again. (The key won't be generated again, but the new name will be checked.)
After the key was generated and its meta-data was registered on our servers, your browser should pop-up a download window and/or ask you where to store the key file. (Your browser might store downloaded files at a default location without asking.) Do not change the file name of the key!
6.) Check the key's integrity
Checking the quality of entropy is a complex scientific task. We cannot instruct you to conclusively do that. But as a quick rundown you can try to pack/compress your key. Compression algorithms, like ZIP, try their best to utilize anisotropic attributes of digital data. If they can't compress anything, the entropy is probably very high.
Go to your local key file and try to compress it (e.g. by using ZIP). The resulting file should not be any smaller than the uncompressed key (rather slightly larger). If your compressed file is significantly smaller than the uncompressed key, then the entropy is flawed and the key is unusable. Not every device you might use has a good random number generator. In this case, consider to switch to another device and repeat the test.
7.) Share the key
You cannot share the key over our servers. That would compromise the security. As a general rule, you shouldn't share the key by telecommunication media at all! Always try to hand over keys in person, if possible!
Once your peer received your key, he or she has to load it into his or her account. The first peer account to load the key, will obtain exclusively rights to use the key. (Be advised, that this exclusivity is achieved by the meta-data on our servers. An attacker, who intercepted your key, may still use it to solve your ciphers!)
8.) Load a key
To load a generated or received key, you go to the 'Key loader' box in your account. Click on the file opener button and choose the file of the key you want to load. You can select several key files to load them at once.
Within the 'Key loader' box you then see your loaded keys. One key per row. The first column shows the key's name, the second the remaining bytes to encrypt, the next the remaining bytes to decrypt and the last the registered peer (respectively originator).
9.) Use a key for encryption
To use a key for encryption, you first have to load it and the you have to select it. To select a key, simply click on the respective key name within the list in your 'Key loader' box. The selected key will get highlighted with a colored background.
10.) Encrypt a text message
You can encrypt text messages on-the-fly by using the 'Text encrypter' box. First load and select the key with which you want to encrypt your message. Then type the message in the upper field of your 'Text encrypter' box. You will see a live encryption preview in the lower field. After you finished your input, click the 'Render encryption' button below. When you click the button the chipher will be concluded for transmission and the key meta-data will be updated on our servers.
11.) Transfer a text cipher
There are two main options to transfer a text chipher: 1) You can use our servers to deposit the cipher for your key peer or 2) you can copy&paste the cipher and use your preferred way to transfer text messages, like e-mail, messengers, sms or the like.
To use our servers simply click the 'Send' icon on the lower right of your 'Text encrypter' box. The icon will be active after you clicked 'Render encryption' on the left an got a valid and updated cipher.
To use another text messaging service, simply select the concluded cipher (after you clicked 'Render encryption') in the lower field of your 'Text encrypter' box. With a PC or laptop you can either select the whole cipher with your mouse or trackpad or click into the field and press Ctrl+A. Then do a right click and select 'Copy to clipboard' or the like. With your keyboard you can enter Ctrl+C. On smartphones do a long tap on the cipher. Then tap on 'Select all' and then on 'Copy'. Paste your clipboard into the input field of your text messaging service. Right click -> 'Paste' or Ctrl+V. Long tap and 'Paste' on touch devices.
12.) Receive a text cipher
You can either fetch ciphers from our servers or receive them via your preferred messaging service. To fetch all for your key deposited ciphers from our servers, you have to load the respective key and then click on the 'Reload' icon in the lower right corner of your 'Inbox' box. A list of ciphers will be shown in the box, one cipher per row. The first column shows the respective key the cipher was made with, the second column shows its decryption position and the last a preview of the cipher. Choose the cipher you want to decrypt by clicking on the respective row. The cipher will be highlighted and the cipher will be copied to the input field of your 'Text decrypter' box.
To receive a cipher from another messaging service, select and copy the cipher. Refer to the user manual of your preferred messaging application to read about how to select and copy to clipboard messages. Mostly you can do a right mouse click / a long tap or enter Ctrl+A, Ctrl+C on your keyboard. Then click into the input field of your 'Text decrypter' box in your account and paste the cipher per right click, long tap or enter Ctrl+V.
13.) Decrypt a text cipher
Once a text cipher is in the input field of your 'Text decrypter' box, you can decrypt it. Make sure that you have loaded the respective key before. Then click on the 'Render decryption' button on the lower left of your 'Text decrypter' box. The decrypted message will appear in the output field.
14.) Encrypt a file
To encrypt a file you have to first load and select the key you want to use for encryption. Then click on the file opener button in your 'File encrypter' box. Choose and select the file you want to encrypt. (Be advised, that the file you want to encrypt must be smaller than half the size of the key you want to use for encryption.) You can only encrypt one file at a time. When you open the file it gets encrypted. When the encryption is done, the key's meta-data will be updated and your browser should pop-up a download window and/or ask you where to store the encrypted file. (Your browser might store downloaded files at a default location without asking.) Do not change the file name!
15.) Transfer/receive a file
There is no option to transfer an encrypted file by using our servers. You have to choose another service to transfer your encrypted files. You can send them per e-mail e.g. or use a file hosting or cloud service. If you have received a file, you can load it to your WebOTPad account from whereever your browser can access the data.
16.) Decrypt a file
To decrypt a file you first have to load the respective key. Then click on the file opener button in your 'Text decrypter' box. Choose the encrytped file from your local storage. Encrytped WebOTPad files end with the suffix *.otp. You can only decrypt one file at a time. When you open the file it gets decrypted. When the decryption is done, your browser should pop-up a download window and/or ask you where to store the decrypted file. (Your browser might store downloaded files at a default location without asking.)
Manually update key position
You can update the key position of a key in use by double-clicking the remaining encryption bytes number within the key loader list. Then a number input field will appear, where you can adjust the key position. (Be advised, that you first see the remaining bytes (backwards), then in the input field you see the key position (forwards).) You only can update the encryption key position and you only can update it upwards.
Remove a peer from a key
For keys you generated yourself, you can remove a peer from using it. (Attention! You can hinder a peer to use the key's meta-data; this does not mean a person who has a copy of your key couldn't decrypt your ciphers!) To remove a peer from a key, load the key and then double-click on the peer's name within the key list. Confirm the prompt with `Ok`. The key will be free to load for another peer, which will become the new peer in doing so.
Browser
Tested down to Firefox 53.0.2. Most browsers from 2017 on should work; even many older might work.
Browser settings
Javascript must be enabled.
CPU
Tested down to Pentium M, 1.5GHz CPU. Also tested on Allwinner D1, 1GHz RISC-V CPU. Every system from 2004 or younger should provide enough performance. Keep in mind that you can decide about the needs by choosing the size of keys you work with.
Memory
The amount of available RAM you need, is dependant on the key size you work with. You should have about the 4x amount of available memory in respect to the key size. So for an 1MB key there should be at least 4MB of free memory.
I-Net connection speed
To operate this site, every internet speed from 384 kbit/s (48 kbytes/s) up should be sufficient (cf. UMTS).