We all have sensitive information we guard closely. Details about our digital wallets, passwords for the services we use every day, or strictly confidential information. These are things we expect to remain private and would never want to be seen by the wrong people.
But have you ever stopped to consider what would happen if, for reasons beyond your control, you could no longer access your digital tools and online accounts? In that situation, you’d likely want someone you trust to step in and manage them on your behalf. That’s exactly the problem the following app is designed to solve.
A new open-source tool called LastSignal has emerged to let users run their own encrypted dead man’s switch on a self-hosted server. The software is designed for scenarios where messages should only be delivered if the sender becomes unreachable and stops responding to scheduled check-ins.
The app works by requiring users to confirm their activity at regular intervals via email. If those confirmations stop, the system automatically releases prewritten messages to designated recipients. The messages are encrypted in the user’s browser before being uploaded, meaning the server only stores ciphertext and cannot read the contents, or, in other words, follows a zero-knowledge design.
This means encryption and key handling are performed on the client side, while the server serves solely as a trigger and delivery mechanism. According to the documentation, LastSignal relies on modern cryptographic primitives and does not require trust in a third-party service operator, as the software is intended to be deployed and managed by the user.
Message delivery in LastSignal is handled via email using standard SMTP. Users must configure their own outbound mail server or SMTP relay for both periodic check-in messages and encrypted payload delivery when inactivity thresholds are reached.
LastSignal also supports the concept of a trusted contact. This is a designated person who can confirm that the user is alive but temporarily unreachable after a final reminder is sent. Such a confirmation delays message delivery for a configurable period, without granting access to the account or the encrypted messages.
App deployment is handled via self-hosting with Docker. To learn more about LastSignal, visit the project’s website or its GitHub page.
Image credits: LastSignal
