In-browser text encryption safety
Deep Talk is a browser-based text encryption tool built around one simple promise: your message and password are processed in the browser you are using, not sent to a Deep Talk message server.
How in-browser text encryption works
- You enter a message and password.
- The browser turns that password into a temporary key.
- The browser protects the message and adds a check that detects changes.
- You copy the protected result and share it.
- The recipient uses the same password to open it.
If the password is wrong or the protected message was changed, Deep Talk refuses to open it.
What stays private by design
- Deep Talk has no account system.
- The tool has no business endpoint that receives your original message, password, or protected message.
- Passwords are not saved for recovery.
- The same message produces a different protected result each time.
What Deep Talk cannot protect against
- Malware, keyloggers, or a compromised operating system.
- A malicious browser extension that can read the page or clipboard.
- Someone watching the screen or reading the message after it is opened.
- A weak or reused password that another person can guess.
- A recipient who copies, screenshots, or forwards the original message.
- A future compromise of the site’s hosting account that serves altered JavaScript.
For important information, verify the site address, use an up-to-date browser, choose a strong unique password, and share that password through a different channel.
Optional technical details
Protected messages use authenticated encryption in the browser. The current format uses AES-256-GCM, with a key derived from the password through PBKDF2-HMAC-SHA-256 and a fresh random salt and nonce for every message. The message format is versioned so future upgrades can be distinguished, and protected messages created by the previous version remain readable for compatibility.
The technical names describe implementation choices; they do not remove the device and recipient risks listed above.
Read how in-browser encryption and text remixing work, return to Protect a message, or review the privacy notice.