1. Temporary Gmail Access
Cloudsweeper uses OAuth2 to connect to your GMail account, so that you never have to share us with your GMail credentials. OAuth means you stay in control of your account, can revoke access anytime you'd like, and your username and password stay secure and private.
2. Scanning for Passwords
Our system programtically looks through your email to find plain text passwords in the same way a hacker or spy might. You'll then be presented with a list of found passwords that you can, optionally, redact from your account or encrypt.
3. Encrypt or Redact
If you choose, we will remove or encrypt any of the passwords found in your account. If you choose to encrypt the found passwords, we'll use strong encryption to secure these credentials, and then present you with a key and a QR code you can use to later decrypt this information. Only you will have the key, so only you will be able to access these credentials in the future, keeping your account safer from hackers, spys and malicious users.
This tool can report aggregate, non-personal statistics like number of passwords found and whether you chose to redact or encrypt them to us for research purposes. Would you be willing to participate in this study? We collect no personally identifiable information, store it securely, and will freely share the results of our research.
You have opted out of particpating in the study. You are still able to fully use this tool to search for plain text passwords in your email. Neither the functionality of this tool, nor your ability to use it, are impacted in anyway by this decision.
No permanent information about you or your email will be recorded beyond what is needed to perform the password search. Once you leave or logout of Cloudsweeper this temporary information will be removed too.