How secure is this app?

Security is the number one focus when developing and running this webapp. High standards of security are applied to multiple layers of the infrastructure: during transport, storage, server maintenance etc. Security is applied in the following ways:


How the use of the webapp is secured and kept private
No part of the secret is stored unencrypted on either the client- and server-side
As soon as the expiration date of the secret is reached, the contents and all related (access) data is permanently deleted
All transport from and to the server is done using A+ rated TLS1.2+ encryption. HTTP Strict Transport Security (HSTS) header is applied with preloading
No libraries are hosted externally using a free public CDN, so no tracking by them is made possible
No analytics or webbugs from third parties have been added to the webapp, so no external parties can track your use of the webapp
The source code is kept in a readable format for your verification and css and javascript libraries contain an integrity hash so modifications can easily be spotted. Development happens transparently at GitHub


How to server is kept secure
The software of the server is kept properly up-to-date, with security updates being installed automatically.
A firewall is in place to block hacking attempts to the server. Many parts of the operating system has also been harderened to reduce the numer of potential attack surfaces