captain-redbeard / redbeards-messenger

Redbeards Messenger is a lightweight secure instant messaging platform designed to put you in control of your data.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

redbeards-messenger

Redbeards Messenger is a lightweight secure instant messaging platform designed to put you in control of your data. We accomplish this by utilising Public Key Encryption to create a unique key pair with a 4096 bit key on registration. See Website Security for more information about our security policies.

  • Security orientated
  • Be in control of your data
  • Only add who you want
  • Lightweight at less than 10KB on conversations screen
  • Works without JavaScript (although we do recommend using JavaScript for less data usage)
  • No personal details
  • No tracking
  • No publicly available data
  • No one can search your account
  • No spam

Demo site

https://messenger.captain-redbeard.com


Requirements

  • PHP >= 7.0.0
  • Composer autoloader
  • redbeards/crew
  • redbeards/crew-encryption
  • Endroid/qrcode >= 1.7

Website Security

Passwords are hashed with PHPs password_hash function with the PASSWORD_DEFAULT constant to allow new algorithm changes as they are added to PHP. The login process first checks login attempts then verifies the password then checks if the password needs a rehash then checks if MFA is enabled and if enabled checks the MFA code and finally creates a secure session.

Brute Force Protection

We protect against brute force password cracking by logging failed login attempts and limiting the login attempts to 5 per hour.

Multi-factor Authentication

We support virtual Multi-factor Authentication and you can enable it under settings. We recommend using this option.

Contact Requests

Contacts are added by sharing a unique URL with the person who you want to add. Once they go to the URL and login they will be added to your contact list and you to theirs. These URLs are unique and will expire in the set time limit or when the request is used.

Delete Contact

Deleting a contact will remove all conversations and messages between the two parties. Neither party retains any history, all deletions are final.

Start Conversation

A new conversation will be started with the selected contact unless an existing conversation already exists, in which case the messages will be added to that conversation. For each message sent the program will encrypt two messages, one with your own Public Key so you can see your sent message and one with the contacts Public Key so they can see your message.

Delete Conversation

Deletes all messages for both parties relating to this conversation. Neither party retains any history, all deletions are final.

Delete Account

Deleting your account will delete all messages, conversations and contacts followed by your Public and Private keys and finally your user will be deleted. No party retains any history, all deletions are final.

Deletion Policy

Setup a deletion policy for your account based on your last login date. No party retains any history, all deletions are final.


Lightweight

The conversations screen has been designed with low data usage in mind. We have accomplished this by using no libraries or bloat and writing front end resources in a minimal fashion while compressing content where possible. If you have JavaScript enabled than we use AJAX calls with server side long polling to check for new conversations and messages. With no new conversations or messages this uses around 368 Bytes (depending on headers) per two minutes.


Supported HTML tags

The following HTML tags are supported in the messenger.

<br>
<b>
<ul>
<li>
<strong>

Contact

About

Redbeards Messenger is a lightweight secure instant messaging platform designed to put you in control of your data.

License:MIT License


Languages

Language:PHP 85.8%Language:CSS 10.3%Language:JavaScript 3.7%Language:ApacheConf 0.1%