Hey folks! I'm developing a web application with an Angular frontend, a Node.js/Express backend, and an SQL database. My goal is to enable users to share sensitive information, like passwords, safely with their team members. I want the recipients to be able to use this shared data (for instance, autofilling a password in a login form) without ever seeing or copying the actual plaintext data. This is crucial for maintaining security and confidentiality.
Here's the challenge: Even if I try to hide the data in the user interface, users could still copy it or toggle visibility options (like 'show password') or inspect elements with developer tools. Ideally, I'd like to implement a zero-knowledge solution where even our servers can't access the data. Has anyone faced a similar situation? I'm looking for practical advice tailored to my tech stack—any creative solutions, libraries, or approaches (especially for Angular/Node) would be hugely appreciated. If you've got code snippets or insights from your experience, that would be a bonus. Thanks in advance for your help!
1 Answer
It sounds like you're in need of some sort of authorized proxy. This would allow a session to be created where a session token is generated for the user. The downside is if you want users to autofill data, that can still be inspected on the client side. You might want to consider using an authorized third-party app to manage these credentials securely. But honestly, the way shared data works, if it's on the client side, it could definitely be accessed by inspecting it in dev tools. By the way, are you trying to build something similar to Passbolt? Just a heads up, users can still copy the actual shared data once it's on the client, which is a common issue with these setups.
Totally see where you're coming from! You're right about the risks of client-side data. I'm pushing for that zero-knowledge setup too. Do you have any recommendations on Node.js or Angular libraries that handle credentials securely? Any tips on preventing snooping with dev tools would also be great!