Back to All Tools

Show HN: SecretMemoryLocker – File Encryption Without Static Passwords

Show HN (score: 13)
Visit Tool
Found: August 25, 2025
ID: 1078

Description

Other
Show HN: SecretMemoryLocker – File Encryption Without Static Passwords I built SecretMemoryLocker (https://secretmemorylocker.com), a file encryption tool that generates keys dynamically from your answers to personal questions instead of using a static master password. This makes offline brute-force attacks much more difficult. Think of it as a password manager that meets mnemonic seed recovery, but without storing any sensitive keys on disk.

Why? I kept losing master passwords and wanted a solution that wasn't tied to a single point of failure. I also wanted to create a "digital legacy" that my family could access only under specific conditions. The core principle is knowledge-based encryption: the key only exists in memory when you provide the correct answers.

Status: * MVP is ready for Windows (.exe). * Linux and macOS support is planned. * UI is available in English, Spanish, and Ukrainian.

Key Features:

* No Static Secrets: No master password or seed phrase is ever stored. The key is reconstructed on the fly.

* Knowledge-Based Key Generation: The final encryption key is derived from a combination of your personal answers and file metadata.

* Offline Brute-Force Resistance: Uses MirageLoop, a decoy system that activates when incorrect answers are entered. Instead of decrypting real data, it generates an endless sequence of AI-created questions from a secure local database, creating an illusion of progress while keeping your real data untouched.

* Offline AI Generation Mode: Optional offline Q&A generator (prototype).

How It Works (Simplified):

1) Files are packed into an AES-256 encrypted ZIP archive.

2) A JSON key file stores the questions in an encrypted chain. Each subsequent question is encrypted with a key derived from the previous correct answer and the file's hash. This forces you to answer them sequentially.

3) The final encryption key for the ZIP file is derived by combining the hashes of all your correct answers. The key derivation formula looks like this:

  K_final = SHA256(H(answer1+file_hash) + H(answer2+file_hash) + ...)
(Note: We are aware that a fast hash like SHA256 is not ideal for a KDF. We plan to migrate to Argon2 in a future release to further strengthen resistance against brute-force attacks.)

To encrypt, you provide a file. This creates two outputs: your_file.txt → your_file_SMLkey.json + your_file_SecretML.zip

To decrypt, you need both files and the correct answers.

Install & Quick Start: Download the EXE from GitHub Releases (no dependencies needed):

https://github.com/SecretML/SecretMemoryLocker/releases

Encrypt:

  SecretMemoryLocker.exe --encrypt "C:\docs\important.pdf"
Decrypt:

  SecretMemoryLocker.exe --decrypt "C:\docs\important_SMLkey.json"
I would love to get your feedback on the concept, the user experience, and any security assumptions I've made. Thanks!

More from Show

Show HN: Commit-based code review instead of PR-based

Show HN: Commit-based code review instead of PR-based Hi HN,<p>I’m experimenting with commit-based code review as an alternative to PR-based review.<p>Instead of analyzing large PR diffs, this reviews each commit incrementally, while context is still fresh. It’s fully configurable and intentionally low-noise, high signal - focused on catching issues that tend to slip through and compound over time.<p>The goal isn’t to replace CI or PR review, but to move some feedback earlier:<p>risky changes hidden in small diffs<p>architectural or consistency drift<p>performance or security footguns<p>Happy to answer questions

Show HN: Xkcd #2347 lived in my head, so I built the dependency tower for real

Show HN: Xkcd #2347 lived in my head, so I built the dependency tower for real I finally got tired of XKCD #2347 living rent-free in my head, so I built Stacktower: a tool that takes any real package’s dependency graph and turns it into an actual tower of bricks. Along the way I had to wrestle some surprisingly spicy problems.<p>Full blog post here: <a href="https:&#x2F;&#x2F;stacktower.io" rel="nofollow">https:&#x2F;&#x2F;stacktower.io</a><p>The result is half visualization tool, half love letter to the chaos of modern dependency trees. Open-source, works with PyPI, Cargo, npm, and more.<p>Code: <a href="https:&#x2F;&#x2F;github.com&#x2F;matzehuels&#x2F;stacktower" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;matzehuels&#x2F;stacktower</a>

Show HN: Flowctl – Open-source self-service workflow automation platform

Show HN: Flowctl – Open-source self-service workflow automation platform Flowctl is a self-service platform that gives users secure access to complex workflows, all in a single binary. These workflows could be anything, granting SSH access to an instance, provisioning infra, or custom business process automation. The executor paradigm in flowctl makes it domain-agnostic.<p>This initial release includes: - SSO with OIDC and RBAC - Execution on remote nodes via SSH (fully agentless) - Approvals - Cron-based scheduling - Flow editor UI - Encrypted credentials and secrets store - Docker and Script executors - Namespaces<p>I built this because I needed a simple tool to manage my homelab while traveling, something that acts as a UI for scripts. At work, I was also looking for tools to turn repetitive ops&#x2F;infra tasks into self-service offerings. I tried tools like Backstage and Rundeck, but they were either too complex, or the OSS versions lacked important features.<p>Flowctl can simply be described as a pipeline (like CI&#x2F;CD systems) that people can trigger on-demand with custom inputs.<p>Would love to hear how you might use something like this!<p>Demo - <a href="https:&#x2F;&#x2F;demo.flowctl.net" rel="nofollow">https:&#x2F;&#x2F;demo.flowctl.net</a><p>Homepage - <a href="https:&#x2F;&#x2F;flowctl.net" rel="nofollow">https:&#x2F;&#x2F;flowctl.net</a><p>GitHub - <a href="https:&#x2F;&#x2F;github.com&#x2F;cvhariharan&#x2F;flowctl" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;cvhariharan&#x2F;flowctl</a>

Show HN: Pyversity – Fast Result Diversification for Retrieval and RAG

Show HN: Pyversity – Fast Result Diversification for Retrieval and RAG Hey HN! I’ve recently open-sourced Pyversity, a lightweight library for diversifying retrieval results. Most retrieval systems optimize only for relevance, which can lead to top-k results that look almost identical. Pyversity efficiently re-ranks results to balance relevance and diversity, surfacing items that remain relevant but are less redundant. This helps with improving retrieval, recommendation, and RAG pipelines without adding latency or complexity.<p>Main features:<p>- Unified API: one function (diversify) supporting several well-known strategies: MMR, MSD, DPP, and COVER (with more to come)<p>- Lightweight: the only dependency is NumPy, keeping the package small and easy to install<p>- Fast: efficient implementations for all supported strategies; diversify results in milliseconds<p>Re-ranking with cross-encoders is very popular right now, but also very expensive. From my experience, you can usually improve retrieval results with simpler and faster methods, such as the ones implemented in this package. This helps retrieval, recommendation, and RAG systems present richer, more informative results by ensuring each new item adds new information.<p>Code and docs: github.com&#x2F;pringled&#x2F;pyversity<p>Let me know if you have any feedback, or suggestions for other diversification strategies to support!

No other tools from this source yet.