My Last Key

A simple, private, and offline-first way to organize and secure your family's essential information for the future.

Why This Project Exists

What happens to your digital accounts, documents, and other important information if something happens to you? My Last Key was created to solve this problem. It's not a password manager. It's a simple tool to create a single, secure document for your loved ones—a "digital last will" that gives them access and guidance when they need it most.

Security First

Nothing Leaves Your Browser

All processing of your data—from input to encryption—happens exclusively on your own computer. No passwords, notes, or sensitive information are ever sent to our servers. We store nothing because we never receive it. Your security is at the core of the tool's design.

Full Transparency

100% Open Source

Trust is essential. That's why the entire source code for MyLastKey is publicly available on GitHub. Anyone, from curious users to security experts, can freely review our code to verify that we live up to our promises. No backdoors, no secrets.

Practical Application

Your Digital Emergency Plan

What happens if you lose access to your online password manager? MyLastKey provides you with a physical, secure, and readable backup of your most critical information. Print it, store it in a safe place, and use the built-in QR codes for quick access when you need it. It's your offline lifeline.

How It Works: Two Simple Steps

Step 1: Create Your Document

Use the "Create Your Plan" tool to list all your important information: account logins, locations of physical documents, instructions for your partner, etc. You can add, edit, and categorize everything you need.

Step 2: Secure & Share

Optionally, you can encrypt this entire document with a single, strong Master Key. The tool then lets you export the encrypted text or a QR code. You can save this file on a USB drive or print the QR code and store it in a safe place, along with the Master Key (shared separately).

Your Offline Decryption Kit

Your data is never locked in. To guarantee you or your family can always access your information, even if this website is offline, download the self-contained decryption tool. It's a single HTML file that works forever, on any computer with a web browser.

Download the Decryption Tool

Save this file to a USB drive along with your encrypted data file for complete peace of mind.


Download mylastkey-decrypt.html

Advanced: Manual Decryption Guide

For technical users, you can also decrypt your data using standard command-line tools, proving that your information is not dependent on this specific tool. Here's how:

Decrypting on Windows

1. Save your encrypted text (the `salt:iv:data` string) into a file named `encrypted.txt`.

2. Open PowerShell and navigate to the directory where you saved the file.

3. Run the following commands, replacing `"YOUR_MASTER_KEY_HERE"` with your actual key.

# 1. Read the encrypted file and split it into parts
$encryptedParts = (Get-Content -Path "encrypted.txt" -Raw).Split(':')
$saltHex = $encryptedParts[0]
$ivHex = $encryptedParts[1]
$encryptedDataB64 = [System.Convert]::ToBase64String([System.Convert]::FromHexString($encryptedParts[2]))

# 2. Get the Master Key from the user
$password = Read-Host "Enter your Master Key"

# 3. Derive the encryption key using PBKDF2
$rfc2898 = New-Object System.Security.Cryptography.Rfc2898DeriveBytes($password, [System.Convert]::FromHexString($saltHex), 250000, "HMACSHA256")
$key = $rfc2898.GetBytes(32) # 32 bytes for AES-256

# 4. Decrypt the data
$aes = New-Object System.Security.Cryptography.AesManaged
$aes.Mode = "CBC"
$aes.Padding = "PKCS7"
$aes.Key = $key
$aes.IV = [System.Convert]::FromHexString($ivHex)

$decryptor = $aes.CreateDecryptor()
$encryptedBytes = [System.Convert]::FromBase64String($encryptedDataB64)
$decryptedBytes = $decryptor.TransformFinalBlock($encryptedBytes, 0, $encryptedBytes.Length)
$aes.Dispose()

# 5. Display the result
[System.Text.Encoding]::UTF8.GetString($decryptedBytes)

Decrypting on macOS / Linux

1. Save your encrypted text (the `salt:iv:data` string) into a file named `encrypted.txt`.

2. Open your terminal and navigate to the directory where you saved the file.

3. Run the following shell command. It will prompt you for your Master Key.

#!/bin/bash
# Read the encrypted string from file
ENCRYPTED_STRING=$(cat encrypted.txt)

# Split the string into salt, iv, and data
IFS=':' read -r SALT_HEX IV_HEX DATA_HEX <<< "$ENCRYPTED_STRING"

# Ask for the master key securely
echo -n "Enter your Master Key: "
read -s MASTER_KEY
echo

# Derive the key using OpenSSL's PBKDF2 implementation
# Note: -pbkdf2 and -iter are standard in modern OpenSSL
KEY_HEX=$(echo -n "$MASTER_KEY" | openssl kdf -kdf_alg PBKDF2 -iter 250000 -keylen 32 -prf hmacWithSHA256 -salt "$SALT_HEX" PBKDF2)

# Decrypt the data using AES-256-CBC
# The encrypted data needs to be in binary format, so we use xxd to convert from hex
echo "$DATA_HEX" | xxd -r -p | openssl enc -d -aes-256-cbc -K "$KEY_HEX" -iv "$IV_HEX" -padding pkcs7

About the Creator

"This started as a personal project to ensure my own family would be looked after. I wanted a solution that was simple, trustworthy, and not reliant on a company that could disappear tomorrow. I'm sharing it in the hope it can help others too." - Rasmus