LockMe is a privacy-first desktop web app that helps you encrypt, decrypt, and manage files securely. It runs entirely client-side, with AI-assisted tools and Firebase-powered user management under the hood.
- AES-256-GCM encryption via Web Crypto API.
- Client-side only — your files and passphrases never touch a server.
- Encrypt/decrypt multiple files at once.
- Encrypted files use a
.lockmeextension.
- Passphrase Generator: Strong, customizable, and memorable.
- Recovery Prompt Enhancer: AI-generated prompts tailored to you.
- Strength Analyzer: Get feedback on how strong your passphrase is.
- Store and tag frequently used code snippets.
- Syntax highlighting for multiple languages.
- Optional encryption for sensitive code.
- Search by name, tag, or content.
- Backed by Firebase Firestore.
- Email/password sign-up and login (Firebase Auth).
- Email verification, password reset, and secure account deletion.
- Manage your display name and profile picture (with image cropping).
- Track file activity, passphrases generated, and more.
- View a history of recent operations.
- Light/dark theme toggle.
- Local app settings saved via
localStorage.
- Works well on desktop and mobile devices.
-
Frontend: Next.js (App Router), React, TypeScript
-
UI: Tailwind CSS, ShadCN
-
AI Integration: Genkit, Gemini
-
Backend & Auth: Firebase
- Firestore (data), Storage (profile pics), Auth (user accounts)
- Firebase Admin SDK for secure server-side tasks
- Node.js (v18+)
- npm or yarn
- A Firebase project (with Firestore, Storage, and Auth enabled)
- Gemini API key
-
Clone the repo
git clone https://github.com/your-username/lockme.git cd lockme -
Install dependencies
npm install # or yarn install -
Set up environment variables Create a
.env.localfile and add:NEXT_PUBLIC_FIREBASE_API_KEY=... NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN=... NEXT_PUBLIC_FIREBASE_PROJECT_ID=... NEXT_PUBLIC_FIREBASE_STORAGE_BUCKET=... NEXT_PUBLIC_FIREBASE_MESSAGING_SENDER_ID=... NEXT_PUBLIC_FIREBASE_APP_ID=... GEMINI_API_KEY=... FIREBASE_SERVICE_ACCOUNT_JSON='{"type":"service_account",...}'
-
Deploy Firebase Rules
firebase deploy --only firestore firebase deploy --only storage
-
Start Development Servers
-
App:
npm run dev
-
AI Flows: Run in a separate terminal if applicable.
-
- Go to the Encrypt/Decrypt page.
- Upload files or drag and drop.
- Enter a passphrase (AI will rate its strength).
- Files are processed in-browser and downloaded to your device.
- Generate passphrases tailored to your preferences.
- Improve your recovery prompts using AI.
- Analyze passphrase strength with detailed feedback.
- Add/edit snippets with name, language, content, and tags.
- Search and filter your saved snippets.
- Optional encryption for sensitive code.
- Update your display name and profile picture.
- Resend email verifications or reset your password.
- Securely delete your account.
- Encryption Safety: The strength of your encryption depends on the strength of your passphrase.
- No Server Access: File content and passphrases stay on your device.
- Firebase Admin Key: Use environment variables to handle your keys securely.
- Firestore & Storage: Protected by Firebase security rules.
- Support for more encryption algorithms
- Secure sharing of encrypted files and code
- Two-Factor Authentication (2FA)
LockMe draws inspiration from academic research and existing tools:
- Al-Hazaimeh (2013) – A New Approach for Complex Encrypting and Decrypting Data
- Mushtaq et al. (2017) – A Survey on Cryptographic Encryption Algorithms
- Salama et al. (2011) – Effects of Common Encryption Algorithms
- GitHub: hat.sh, enc
by Muhamad Azri Muhamad Azmir,
Bachelor of Computer Forensics at Management and Science University (MSU)
supervised by Dr. Asma Mahfoudh Hezam Al-Hakimi
Found a bug? Have an idea? Open an issue or a pull request — all contributions are welcome.
This project is open source under the MIT License.