Skip to content
Back to projects
Software DevelopmentLatest release 1.3.1.02025-2026

FileLocker

A local-first Windows security app for encryption, file integrity, metadata review, secure delete, and guided System Care tools.

Expanded FileLocker from an encryption utility into a broader Windows security suite with modern AEAD payloads, safer output choices, guided maintenance workflows, and a repeatable Inno Setup release path.

Discuss similar workDownloadView GitHub repoLatest release
Role
Solo Developer
Team size
Solo build
Updated
2026-06-10
FileLocker project preview

Overview

What the project is and why it mattered.

FileLocker is a Windows 10/11 desktop app for people who want simple local control over sensitive files. The current 1.3.1.0 release combines file encryption and decryption, SHA-256/SHA-512 hashing, text encoding, metadata preview, secure delete, startup and app review, custom cleanup, free-space sanitizing, drive tools, registry review, Explorer integration, settings, checksum-verified update checks, and a plain-language security guide.

Latest release

v1.3.1.0

App model

Local-first WinUI 3 + WebView2 desktop app

Workflows

Encrypt, hash, metadata, secure delete, and System Care

Problem

Security and cleanup tools can become risky when defaults are unclear. FileLocker needed to keep advanced controls available while making common actions easier to understand, safer to run, and easier to recover from if something fails.

Role

I built and maintain the app end to end, including the WinUI/WebView host, C# bridge services, React frontend, encryption payload handling, System Care workflows, installer packaging, release notes, updater behavior, and validation scripts.

Build details

Stack, constraints, and decisions.

Stack

C#.NET 10WinUI 3WebView2Windows App SDKReactTypeScriptViteTailwind CSSAES-256-GCMChaCha20-Poly1305AES-256-GCM-SIVArgon2idInno SetupGitHub Releases

Constraints

  • High-impact file operations needed explicit confirmations, visible status, and safer output defaults.
  • Advanced encryption, keyfile, recovery, and output controls had to stay discoverable without overwhelming the default flow.
  • The React UI and native Windows host needed a stable bridge for files, settings, updates, and maintenance actions.
  • System Care pages needed scan, review, and apply patterns instead of vague one-click cleanup.
  • Version numbers, installer names, checksums, release notes, and updater metadata had to stay aligned for GitHub Releases distribution.

Decisions made

Keep the default path simple

Primary pages focus on drag-and-drop, clear next actions, status summaries, and safer defaults, while advanced controls stay nearby in focused panels.

Use modern authenticated encryption

New .locked files use the header-authenticated v4 payload format with AES-256-GCM by default and ChaCha20-Poly1305 or AES-256-GCM-SIV when the runtime supports them, with Argon2id key derivation, per-chunk AEAD tags, and explicit algorithm metadata checked against the authenticated header. Older AES-256-GCM v3 payloads stay decryptable.

Make maintenance actions review-first

Custom Clean, Startup Manager, Registry Fixer, Drive Optimizer, Partition Cleaner, and App Manager use guided review states, risk labels, admin prompts, and clearer empty states.

Show local-first behavior throughout the app

The UI, settings, About page, and security guide reinforce that file contents, passwords, recovery material, and activity history stay on the device.

Treat release infrastructure as product quality

The app now uses an Inno Setup installer, GitHub Releases update checks, SHA-256 verification when available, and synchronized release metadata.

Outcome

What came out of it.

Outcome

  • Shipped the 1.3.1.0 release with Inno Setup packaging, SHA-256 checksum sidecars, and a fixed updater download path that closes temporary .download files before verification.
  • Added the header-authenticated v4 payload format with multi-algorithm .locked support while keeping existing AES-256-GCM v3 payloads decryptable.
  • Expanded the app into encryption, hashing, encoding, metadata review, secure delete, startup review, cleanup, free-space sanitizing, drive, registry, app, Explorer integration, settings, About, and Security Guide workflows.
  • Improved safety with explicit output modes, visible review steps, confirmation patterns, risk copy, and clearer failure states.
  • Refined the desktop experience with a collapsible sidebar, Home dashboard, compact titlebar spacing, diagnostics, and more scannable system-care pages.

Lessons

  • A security app needs plain workflow design as much as strong crypto.
  • Advanced controls work best when they are close to the task but not forced into the beginner path.
  • Installer naming, update checks, release notes, and checksums are part of the user experience once the app is public.

Next

  • Keep expanding regression coverage around encryption algorithms, payload compatibility, output collisions, and updater behavior.
  • Continue polishing first-run clarity, empty states, and advanced-control disclosure across the UI.
  • Add stronger screenshots or short demos for the portfolio case study.
  • Further automate release synchronization for versions, installer assets, checksums, and documentation.

Keep browsing

Keep moving through the archive or reach out if you want to talk through similar work.

Previous: Portfolio WebsiteNext: PrivacyLens