Local Browser Encryption
Better Messages caches recent message data in the browser's IndexedDB for fast loading and offline access. The WebSocket version can encrypt that cache with AES-256 so it's protected against access by other users sharing the device — important for kiosks, shared computers, or public access scenarios.
This is a WebSocket-version feature. The free version caches less data and doesn't expose this encryption setting.
What it adds#
- AES-256 encryption of the local IndexedDB cache on each user's device
- Protects offline message storage from unauthorized device-sharing access
- Transparent to the user — no extra setup, no password prompts
- The encryption key is tied to the user's session — only the authenticated user can decrypt
- Important for kiosks, public-access PCs, family-shared computers, or office desktops with multiple users
How it works#
When local browser encryption is enabled:
- On login, your server provides the user's browser with a per-session encryption key
- Before writing to IndexedDB, the browser encrypts the data with AES-256
- Reads from IndexedDB decrypt on-the-fly
- On logout (or session expiration), the key is wiped — the cache becomes unreadable
| User action | What's protected |
|---|---|
| Logged in, browsing chat | Cache is encrypted in IndexedDB; transparent to the user |
| Logged out | Cache is now unreadable — keys are gone |
| Another user logs in on the same browser | They get their own key — can't read the previous user's cache |
| Power user inspects IndexedDB via DevTools | Sees encrypted ciphertext, not plaintext messages |
| Sophisticated attacker with full device access | Can extract encrypted blob but must defeat AES-256 to read content |
When to enable#
| Environment | Recommendation |
|---|---|
| Public library / internet cafe terminals | Enable — multiple anonymous users share the device |
| Kiosk-style installations | Enable — strong privacy default |
| Office computers with multiple shifts | Enable — privacy between shift workers |
| Healthcare environment | Enable + use E2EE |
| Personal-device-only audience | Optional — adds CPU overhead for limited threat |
How to enable#
Enable Browser Database Encryption in WP Admin → Better Messages → Settings → Messaging → Encryption.
The setting takes effect on the user's next page load. Existing un-encrypted cache entries are migrated to encrypted on read.
Frequently asked questions#
Does this slow down the chat?#
The encryption / decryption happens transparently in WebAssembly or native CryptoAPI — overhead is small (sub-millisecond per operation). No perceptible difference.
Can I export my cache as plaintext?#
No — the cache is intentionally inaccessible outside the authenticated user's session. To export your messages, use WordPress's Personal Data Export — that pulls from the server, not the cache.
What if I want even stronger protection?#
Combine with end-to-end encryption (E2EE) — that encrypts content end-to-end so even your WordPress server can't read it. Combine both for the strongest privacy stack.
What happens if the user clears their browser data?#
The encrypted cache is deleted. The user will need to re-load message history from the server on next visit. Their data on your server is unaffected.
Does this protect against malware on the user's device?#
Partially. Malware that runs in the same browser context as the chat could read the decrypted data while the user is logged in. AES-256 cache encryption protects against threats that access the disk directly (e.g., another user logging into the same OS account).
See also#
- Private (AES-256 transit) — content encryption in transit
- End-to-end encryption — true E2EE per-thread
- Secure (WSS / TLS) — connection-layer security
- Your data is yours — data location overview