Seal a letter, a password, a seed phrase, or a stack of files. Set it to release on a future date — or only if you stop checking in. Everything is encrypted right here in your browser, so the package that gets stored is something no one, not even us, can read.
Or paste a management link you received by email:
Write the message your recipient should get, and attach any files you need to. This is the only screen where the contents exist in the clear — they're encrypted the moment you seal.
Choose who can open it. A passphrase is simplest. Trustees split the key so no single person — including you or us — can open it alone.
Deliver the passphrase to your recipient out of band — tell them in person, leave it with your will, or store it somewhere they'll reach. Without it, the message can't be opened. We never see it.
The key is split into N shares; any K of them rebuild it. Give one share to each trustee — Last Word prints a card with a QR code for each. Fewer than K shares reveal nothing at all.
This is the dead-man's-switch part. In the live service, our servers run this clock and send escalating reminders; if you miss them past the grace window, the package is released. This policy is recorded inside the sealed package.
This encrypts everything above in your browser and produces a sealed package plus the instructions to hand off. Nothing is sent anywhere.
Arming online uploads only the sealed package above - the unreadable ciphertext. Your passphrase and any trustee shares never leave this tab. We email you to check in; if you go silent past your grace window (or your release date arrives), we deliver the package to your recipient with instructions to open it.
Don't have a key? Request a Last Word Pro license →
Paste a Last Word package below. This works entirely offline — so a package can still be opened even if the service that delivered it no longer exists.
Your message and files are encrypted in your browser with a key derived from your passphrase, or a key that's split across your trustees. The plaintext never leaves this tab.
The sealed package — unreadable without the key — is what the service holds. A breach of the server exposes nothing, because the server never has the key.
On your cadence, you get a reminder with a one-tap "I'm still here." Each check-in resets the clock. Miss one and the reminders escalate.
Miss every reminder through the grace window — or hit your release date — and the package is delivered to your recipient. They supply the passphrase, or your trustees combine their shares, to open it.
This page is the encryption engine — sealing and opening are fully working and fully client-side. The live check-in clock, reminders, and automatic release run on demingbydesign's servers (a scheduled job plus email) and are wired up separately from this file. The cryptography you can verify right here is the part that guarantees your secrets stay private.