Inspiration

Due to a recent influx in security breaches and an increasing need for privacy, password managers have become incredibly useful for browsing the internet. However, even the most sophisticated password managers (i.e. LastPass) forget one crucial security flaw: email addresses.

Even though more people are beginning to use different passwords for their accounts, they usually use the same email. This presents an opportunity for hackers to group an individual's accounts together using a shared email which is a HUGE security hole.

We developed Crypt to be the first account manager to encompass both secure email and password generation.

What it does

Crypt is a powerful account manager that generates unique anonymous emails and passwords when signing up for new online accounts.

alt text

Account information on Crypt is encrypted using AES256 to ensure that all your data is secure and uses SSL encryption over HTTPS to prevent any man in the middle attacks.

Each account gets it own secure email and password -- so if a service gets hacked, your personal email will not be compromised and hackers will have 0 indication as to what your personal email actually is. In addition, it helps uphold your privacy by preventing email search sites.

alt text

How I built it

The front end service is built with Meteor, Button, React, and Bootstrap 4. Users can register for Crypt and the platform generates the pairs of encrypted email addresses and passwords which they can then access by copying them to a clipboard. Users are also able to edit the title of their accounts and its password to their living.

The back-end of Crypt is the most interesting technical aspect of the platform. To develop Crypt, we created our own email server capable of receiving, parsing, and sending emails. We utilized Node.js and Ubuntu 16.04 to host the server. We also handle all of our encryption server-side using AES256 (proven to be currently unbreakable).

Challenges I ran into

On the front end we faced issues with passing data between parent and child objects with React. This was mostly due to our inexperience with developing with react.

On the back end we quickly ran into the problem of setting up a SMTP mail server on the UPenn network. A SMTP mail server requires that port 25 be unblocked. Unfortunately for us this is commonly blocked on public networks in order to prevent spam. To solve this issue we had to host the SMTP mail server on a VPS.

Another problem we faced was emails being forwarded from our SMTP server directly to a user’s personal email was being instantly sent to the spam folder regardless of the content. We learned that most email providers automatically mark emails as spam folders unless they come from a well-known service such as Gmail, Hotmail, or Yahoo. To correct this, we sent the emails through Gmail’s SMTP service instead. One downside we faced when choosing this was rather than our forwarded emails hostname being @plsencrypt.me they instead ended in @gmail.com. However, we were still able to maintain @plsencrypt.me emails for forwarding - the core feature of our service.

Accomplishments that I'm proud of

We are proud of our UI/UX design and our theme of dinosaurs. We chose the theme of Crypt around dinosaurs because we felt the topic of encryption can seem technical and unfriendly to the average user.

Our UI design and dinosaur theme solves this issue by giving the user a simple, easy to read interface and a friendly and playful vibe through every step of the process.

What I learned

We learned a lot about SMTP and the fundamentals of email services. Alongside this, our team gained a lot of valuable experience in developing with React.

What's next for Crypt

The next steps for Crypt would be to compile it into a chrome extension to improve its ease of access.

Share this project:
×

Updates