2 Ways To Encrypt Your Files From Your Browser

Ads by Google

Do you want to send a file across the Internet to a friend or coworker, but don’t want the NSA to snoop on that file? You’ll want to encrypt that file, but in the quickest and easiest way possible. Thanks to various web technologies, you can now do this without even having to deal with a heavier desktop-based encryption program.

File Lock


File Lock is a fantastic file encryption service that runs entirely on HTML5 technologies — you don’t even need to install a plugin for your browser!

All you have to do is visit their website, choose the file you want to encrypt (if you have multiple files, you’ll need to repeat this for each file), type in a password, and hit the Encrypt button. In just a few seconds, your browser will have created an encrypted version ready to go. The recipient will need to take the encrypted file they receive and decrypt it using the same site. However, this should be just as quick and easy.

While you can use this site to encrypt just about any file, the website itself advises that you don’t use the service if you’re planning on encrypting a lot of files or need to encrypt larger files. The site spouts off warnings around the 30MB mark, but I’d make serious thoughts about using a desktop-based application when you hit the 50MB mark.

The website recommends that you use a program such as TrueCrypt for encryption tasks such as those — I recommend the same thing.


Another option (although less ideal, in my opinion) is to use a service such as Securesha.re. This site does the local encryption via your browser, then lets you upload files. You encrypt it with a password of your choice or a randomized string, and then provide a “secure link” which will let you or anyone else you share the link with download the file.

Ads by Google

Basically, the point of this site isn’t necessarily to encrypt a file and leave it at that, but it’s a file sharing site that does four things:

  • It encrypts the file that you want to share.
  • It uploads the encrypted file to the site.
  • The recipient downloads the encrypted file.
  • The recipient’s browser decrypts the file locally before asking them for the desired save location.

So in other words, this doesn’t give you an encrypted file, but it still facilitates an encrypted way to share a file. You can also control how many views or days the file stays on the server before it’s deleted (the maximum is 7 days), and the code that makes all of this happen is open source.



Although solid, modern file encryption implementations in your browser are surprisingly scarce, they exist and can easily be used by anyone using the latest version of their favorite browser. Again, I must emphasize that using your browser for any file encryption should be kept at 50MB or less — otherwise, it’s still better to look at a desktop encryption program such as TrueCrypt.

If you need even more options, you can take a lot at 5 other great ways to encrypt files on Windows or a way to encrypt files in Linux via ENCFS.

What’s your favorite way to encrypt files? Let us know in the comments!

Join live MakeUseOf Groups on Grouvi App Join live Groups on Grouvi
Mozilla Firefox Fans
Mozilla Firefox Fans
22 Members
Safari Browser Tips
Safari Browser Tips
12 Members
Internet Explorer (IE) Tips
Internet Explorer (IE) Tips
2 Members
Best Mobile Browsers
Best Mobile Browsers
13 Members
Google Chrome Mastery
Google Chrome Mastery
19 Members
Ads by Google
Comments (10)
  • Chethan K

    it was good article

  • Chethan K


  • Steve Kasian

    Oooo, ouch! John, you just got pwned in a big way.

    Probably best for “someone like [John]” to refrain from posting software/website “reviews” altogether.

  • john

    Response to Kevin:

    I stand by my original review even given Samuel Reed’s probably truthful disclosure and references above. Samuel Reed says that part of the code is not open source and also a user has to use a web inspector to try and verify the claim. Not exactly “published” nor transparent.

    Also, why isn’t the readme or some other file published with the source that gives the information samuel discloses? Someone like me taking a look at it and then going to the tixelated site trying to find out any information on the email link in the project gets a bad feeling from it.

    Aside from this, the idea is good to me and why I looked into it. Why not put the project up on sourceforge and make it truly open source into a product that people can really use and support? It also as I mentioned doesn’t appear to work when I tried it. Since I’m not a great coder I’m not going to debug it.

    My feedback is honest and accurate. You don’t have to take it so personally.

    • Kevin Ohashi


      That’s just non-sense. The part that isn’t open sourced is file handling on the server side. The code that’s published shows exactly what is being uploaded and how. The fact anyone can view the source code and see what it’s doing is exactly what transparency means. It’s the honest to god code that’s being executed right on the site. There is nothing to hide in it. It’s encrypted entirely client side which is verifiable (assuming you’re capable of reading/understanding the code). Furthermore, the code is published on GitHub. I still am not sure why you’re going on about SourceForge.

      Perhaps instead of bashing the project, you could do your research, ask questions or at a minimum not just spew unsubstantiated and wrong claims. I do take it personally because you’re writing things which are factually inaccurate about the project. Also, instead of looking at all the code Sam has written or projects he contributes to publicly on GitHub, you of all things try and attack his character from a defunct startup that his email address is tied to? That must have been a poor joke.

    • Samuel Reed


      I assume you’re just not very familiar with open source software and what the standard for this sort of thing is. That’s alright – the whole community moves very quickly, and especially has in the last few years. SourceForge is a dinosaur, tarnished its reputation months ago with download managers and scummy toolbar installers, and the majority of active open source now lives on GitHub. It is in fact much more open to the general community on GitHub than it ever was or would be on SourceForge.

      Securesha.re is a new kind of webapp where the majority of functionality takes place right on the client, in plain view. To show my commitment to that, I do not minify or obfuscate any code on the site (which is standard, simply to save on the transmitted size of the site). It takes a certain amount of coding expertise to verify that encryption is done correctly, and a certain amount to verify that requests are being properly sent without identifying information. If one can do the former, they most certainly can do the latter. Verifying the requests literally takes less than a few minutes; after all, it only makes two: one to upload a file, and one to download it.

      About a year ago, a small crowd of users on Hacker News took a look at the site after we announced it. Their verdict? It worked well, should probably generate longer passwords, was a bit confusing. Those were simple things to fix – so I fixed all of those issues and the site has been happily churning files day after day since then.

      I understand that you feel your feedback is honest, but it is not accurate.

      Feel free to check out the code both in your web inspector and at https://github.com/STRML/securesha.re-client/tree/master/polymer – the latest version of the site uses Web Components, so it is very easy to follow once you understand the basics.

      In the end, if you want to use a service that handles your personal data, you either have to blindly trust it, or read the code. The vast majority of services that handle your personal data (Gmail, Dropbox, etc.) do not have publicly available source code. This project does. If you don’t believe me, read the code. If you can’t read the code, ask somebody who can. I believe Securesha.re fills a particularly important niche because its correctness actually *can* be verified, unlike the many closed-source security services out there.

      I hope that clears some things up.

  • Brandon R

    I personally don’t trust using any website to encrypt my data, maybe I’m paranoid but I just don’t feel safe .

Load 10 more
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.
Affiliate Disclamer

This review may contain affiliate links, which pays us a small compensation if you do decide to make a purchase based on our recommendation. Our judgement is in no way biased, and our recommendations are always based on the merits of the items.

For more details, please read our disclosure.