Show HN: SecretMemoryLocker – File Encryption Without Static Passwords

I built SecretMemoryLocker (https://secretmemorylocker.com), a file encryption tool that generates keys dynamically from your answers to personal questions instead of using a static master password. This makes offline brute-force attacks much more difficult. Think of it as a password manager that meets mnemonic seed recovery, but without storing any sensitive keys on disk.

Why? I kept losing master passwords and wanted a solution that wasn't tied to a single point of failure. I also wanted to create a "digital legacy" that my family could access only under specific conditions. The core principle is knowledge-based encryption: the key only exists in memory when you provide the correct answers.

Status: * MVP is ready for Windows (.exe). * Linux and macOS support is planned. * UI is available in English, Spanish, and Ukrainian.

Key Features:

* No Static Secrets: No master password or seed phrase is ever stored. The key is reconstructed on the fly.

* Knowledge-Based Key Generation: The final encryption key is derived from a combination of your personal answers and file metadata.

* Offline Brute-Force Resistance: Uses MirageLoop, a decoy system that activates when incorrect answers are entered. Instead of decrypting real data, it generates an endless sequence of AI-created questions from a secure local database, creating an illusion of progress while keeping your real data untouched.

* Offline AI Generation Mode: Optional offline Q&A generator (prototype).

How It Works (Simplified):

1) Files are packed into an AES-256 encrypted ZIP archive.

2) A JSON key file stores the questions in an encrypted chain. Each subsequent question is encrypted with a key derived from the previous correct answer and the file's hash. This forces you to answer them sequentially.

3) The final encryption key for the ZIP file is derived by combining the hashes of all your correct answers. The key derivation formula looks like this:

  K_final = SHA256(H(answer1+file_hash) + H(answer2+file_hash) + ...)

(Note: We are aware that a fast hash like SHA256 is not ideal for a KDF. We plan to migrate to Argon2 in a future release to further strengthen resistance against brute-force attacks.)

To encrypt, you provide a file. This creates two outputs: your_file.txt → your_file_SMLkey.json + your_file_SecretML.zip

To decrypt, you need both files and the correct answers.

Install & Quick Start: Download the EXE from GitHub Releases (no dependencies needed):

https://github.com/SecretML/SecretMemoryLocker/releases

Encrypt:

  SecretMemoryLocker.exe --encrypt "C:\docs\important.pdf"

Decrypt:

  SecretMemoryLocker.exe --decrypt "C:\docs\important_SMLkey.json"

I would love to get your feedback on the concept, the user experience, and any security assumptions I've made. Thanks!