Secure File Sharing with QR Codes

TL;DR

This guide shows you how to securely share files using a temporary authentication file and QR codes. It’s more secure than simply emailing a password, as the password isn’t sent directly.

Step-by-Step Guide

1. Create an Authentication File: This file will contain a randomly generated password.
   • Open a text editor (Notepad on Windows, TextEdit on Mac).
   • Generate a strong, random password. You can use online tools or the command line:

     openssl rand -base64 12

   • Save the file with a descriptive name (e.g., auth_file.txt). The content of the file should *only* be the password.
2. Securely Transfer the Authentication File: This is crucial! Do *not* email it.
   • Use a secure method like a USB drive, encrypted messaging app (Signal, WhatsApp with end-to-end encryption), or a password manager’s secure sharing feature.
   • Ensure the recipient receives the file through a trusted channel.
3. Create a File to Share: This is the actual document you want to share.
   • Place the file in a directory accessible by both you and the recipient (e.g., a shared cloud folder, or a network drive).
4. Set File Permissions: Restrict access to only the intended recipient.
   • On Linux/macOS:

     chmod 600 /path/to/your/file

     (This gives read and write permissions to the owner, and no permissions to others.)

   • On Windows: Right-click the file, select Properties, go to Security tab. Edit permissions to allow only the recipient’s account access.
5. Generate a QR Code for the Authentication File: This makes it easy for the recipient to scan and enter the password.
   • Use an online QR code generator (e.g., The QR Code Generator).
   • Paste the *contents* of auth_file.txt into the QR code generator’s input field. Do not include the filename, just the password itself.
   • Download the generated QR code image (PNG or JPG format).
6. Share the File Path and QR Code: Send only these two pieces of information to the recipient.
   • Send the full path to the file you want to share.
   • Send the downloaded QR code image (e.g., as an attachment in a secure messaging app).
7. Recipient Accesses the File: The recipient uses the QR code and file path.
   • The recipient scans the QR code with their smartphone camera or a QR code reader app. This will copy the password to their clipboard.
   • They then use this password to access the shared file at the provided path.
8. Revoke Access: Once the recipient has accessed the file, remove the authentication file and change any relevant permissions.
   • Delete auth_file.txt from all locations.
   • If using a shared folder, revoke the recipient’s access if possible.

Important Security Considerations

• Never share the authentication file directly via email or insecure channels. This defeats the purpose of this method.
• Use strong, random passwords. A password manager can help with this.
• Keep the authentication file secure until it is destroyed.
• Consider using end-to-end encryption for all communication related to this process.
• This method provides basic security. For highly sensitive data, consider more robust cyber security solutions like encrypted containers or digital rights management (DRM).