QR Code Encryption

Secure your QR codes with password-based encryption. Standard camera apps will show encrypted gibberish, but mini-qr can decrypt with the correct password.

How It Works

Encryption Flow

User Data → Password → Encryption → QR Code (encrypted)
                                        ↓
                        Standard Camera → Shows: "ENC:U2FsdGVkX1..."
                                        ↓
                        mini-qr + Password → Original Data ✓

What Happens

User enters data (e.g., "Secret meeting: Room 405")
User enables encryption and provides password
App encrypts data using AES-GCM algorithm
QR code contains encrypted text: ENC:U2FsdGVkX1+abc123...
Standard cameras decode and show gibberish
mini-qr scanner detects encryption prefix and prompts for password
Correct password decrypts and shows original text

Security Specifications

Feature	Specification
Algorithm	AES-GCM (Galois/Counter Mode)
Key Size	256-bit
Key Derivation	PBKDF2 with 100,000 iterations
Hash Function	SHA-256
Salt	Random 16-byte salt (unique per encryption)
IV	Random 12-byte initialization vector (unique per encryption)
Prefix	`ENC:` for auto-detection
Encoding	Base64 after encryption

Creating Encrypted QR Codes

Step-by-Step

Navigate to Create tab
Enter your sensitive data
Expand Settings accordion
Scroll to Encryption section
Check ✅ Encrypt QR code
Enter a strong password
Wait for green ✅ "QR code is encrypted" confirmation
Export your QR code as usual

Visual Confirmation

When encryption is active, you'll see:

🔒 Lock icon in encryption section
🟢 Green success message: "QR code is encrypted"
🟡 Size warning (if data increased significantly)
Encrypted badge above export buttons

Password Requirements

Recommended:

✅ 12+ characters
✅ Mix of uppercase and lowercase
✅ Include numbers
✅ Include symbols (!@#$%^&*)
✅ Avoid dictionary words

Minimum:

1 character (not recommended for sensitive data)

Examples:

❌ Weak: password123
⚠️ Okay: MySecret2024!
✅ Strong: kR9$mN#2pL@vB5qT
✅ Strong: correct-horse-battery-staple-2024!

Scanning Encrypted QR Codes

Detection

mini-qr automatically detects encrypted codes by the ENC: prefix:

Shows 🔒 lock icon badge
Displays amber warning box
Prompts for password

Decryption Process

Scan the encrypted QR code
Enter decryption password in the field
Click Decrypt button (or press Enter)
Success: Shows ✅ green message and displays original data
Failure: Shows ❌ error message: "Decryption failed: Invalid password or corrupted data"

What Standard Cameras See

Standard Phone Camera Scan Result:
─────────────────────────────────
ENC:U2FsdGVkX19xY2F0aW9uIG9mIHRoaXMgbWVzc2FnZSBwcm90ZWN0ZWQgYnkgQUVTL UdDTSBlbmNyeXB0aW9u...
─────────────────────────────────
[Meaningless encrypted text - cannot be decrypted]

Use Cases

Conference & Events

Problem: Badge QR codes expose attendee contact information
Solution: Encrypt phone/email in QR codes

Print badge with encrypted QR code
Share password only with authorized staff
Staff use mini-qr to scan and access info
Public can't read sensitive data

Secure URLs

Problem: Private meeting links on printed materials
Solution: Encrypt Zoom/Teams links

Generate encrypted QR with meeting URL
Print on flyers or badges
Share password via email/SMS
Anyone with password can join, others can't

WiFi Credentials

Problem: Guest WiFi password visible to everyone
Solution: Encrypted WiFi QR codes

Create WiFi QR code with password
Encrypt the entire QR code
Share decryption password with approved guests only
Unauthorized users can't extract WiFi credentials

Access Codes

Problem: Door codes or locker combinations on printed materials
Solution: Encrypt access codes in QR

Generate QR with building/locker code
Encrypt with resident/member password
Post publicly without security risk
Only authorized people can decrypt

Problem: Business cards with phone/email are publicly readable
Solution: Encrypted vCard QR codes

Create vCard with personal details
Encrypt before printing on cards
Share password verbally when exchanging cards
Prevents digital harvesting of contact info

Size Impact

Encryption increases QR code data size by approximately 30-40%.

Example

Original Data	Encrypted Size	Increase
"Hello World" (11 chars)	~65 chars	+491%
URL (50 chars)	~85 chars	+70%
vCard (200 chars)	~280 chars	+40%
Long text (500 chars)	~680 chars	+36%

Implications:

🔺 Larger QR codes (more modules)
🔺 May need to reduce error correction level
🔺 May need larger print size
⚠️ App shows warning if size increases >50%

Recommendations:

Use error correction level Q or M (not H)
Increase QR code print size to 3cm x 3cm minimum
Keep original data concise when possible
Test scanning after encryption

Password Management

Secure methods:

✅ In-person verbal communication
✅ Encrypted messaging apps (Signal, WhatsApp)
✅ Separate secure channel (email password, SMS QR code)
✅ Physical written note
❌ Never include password WITH the QR code
❌ Never post password on same webpage/document

Password Storage

Important:

❌ App does NOT store passwords
❌ No password recovery if forgotten
❌ Lost password = unrecoverable data
✅ Use password manager for important passwords
✅ Share backup with trusted person if critical

One Password or Many?

Single Password (same for all):

✅ Easier to manage
✅ Works well for batch export
⚠️ If leaked, all QR codes compromised

Unique Passwords:

✅ Better security
✅ Limited exposure if one leaks
⚠️ Harder to manage multiple passwords

Best practice: Use single password per batch/event, unique passwords for highly sensitive individual codes.

Batch Export with Encryption

All QR codes in a batch use the same encryption password.

Workflow

Prepare CSV file with data
Click Batch Export
Upload CSV
Enable Encrypt QR code
Enter password (applies to all)
Export ZIP with encrypted QR codes
Share password separately with recipients

Use case: Conference badges

100 badges with encrypted contact info
One password shared with staff
Staff can scan any badge to get attendee details
Public scanning shows only gibberish

Security Considerations

What Encryption Protects

✅ Content privacy — Data unreadable without password
✅ Unauthorized access — Only password holders can decrypt
✅ Public display — Safe to post encrypted QR codes publicly

What Encryption Does NOT Protect

❌ QR code visibility — Code itself is still visible
❌ Physical security — Anyone can see/photograph the QR code
❌ Password guessing — Weak passwords can be brute-forced
❌ Social engineering — Password can be tricked out of users

Best Practices

Use strong passwords (12+ characters, mixed characters)
Share passwords securely (separate channel from QR code)
Rotate passwords for sensitive applications
Test decryption before distributing QR codes
Keep backups of original unencrypted data
Document passwords in secure password manager
Use different passwords for different security levels
Educate users on password importance

Troubleshooting

"Encryption increases QR code size by X%"

Cause: Encrypted data is ~30-40% larger
Solution:

Lower error correction level (Q → M → L)
Increase QR code print size
Shorten original data if possible
Accept larger QR code size

"Decryption failed: Invalid password"

Cause: Wrong password or corrupted data
Solution:

Double-check password (case-sensitive)
Check for typos
Verify you have the correct QR code
Try re-scanning the QR code
Contact QR code creator for correct password

Encrypted QR Won't Scan

Cause: QR code too dense or damaged
Solution:

Increase print size to 4cm x 4cm minimum
Use error correction level Q or M
Ensure high print quality
Clean camera lens
Improve lighting

"QR code is encrypted" Not Showing

Cause: Encryption not applied or in progress
Solution:

Check password is entered
Wait for encryption to complete
Check for error messages
Verify encryption checkbox is enabled
Try refreshing page

Technical Details

Encryption Process

Input: "Secret data" + "myPassword123"
    ↓
1. Generate random salt (16 bytes)
2. Derive key from password using PBKDF2 (100k iterations)
3. Generate random IV (12 bytes)
4. Encrypt data with AES-GCM
5. Combine: [salt | IV | encrypted data]
6. Encode as Base64
7. Prepend "ENC:" prefix
    ↓
Output: "ENC:U2FsdGVkX19abc123def456..."

Why This Is Secure

AES-GCM — Industry standard, used by governments and banks
256-bit keys — Astronomically large key space (2^256 possibilities)
PBKDF2 — Slows down brute-force attacks
Random salt — Prevents rainbow table attacks
Random IV — Each encryption is unique even with same password
Authenticated encryption — Detects tampering

Browser Compatibility

Uses Web Crypto API (built into modern browsers):

✅ Chrome 60+
✅ Firefox 57+
✅ Safari 11+
✅ Edge 79+
✅ All modern mobile browsers
❌ Internet Explorer (not supported)

How It Works​

Encryption Flow​

What Happens​

Security Specifications​

Creating Encrypted QR Codes​

Step-by-Step​

Visual Confirmation​

Password Requirements​

Scanning Encrypted QR Codes​

Detection​

Decryption Process​

What Standard Cameras See​

Use Cases​

Conference & Events​

Secure URLs​

WiFi Credentials​

Access Codes​

Personal Data Sharing​

Size Impact​

Example​

Password Management​

Password Sharing​

Password Storage​

One Password or Many?​

Batch Export with Encryption​

Workflow​

Security Considerations​

What Encryption Protects​

What Encryption Does NOT Protect​

Best Practices​

Troubleshooting​

"Encryption increases QR code size by X%"​

"Decryption failed: Invalid password"​

Encrypted QR Won't Scan​

"QR code is encrypted" Not Showing​

Technical Details​

Encryption Process​

Why This Is Secure​

Browser Compatibility​

Next Steps​