DoorDast is an end-to-end encrypted remote desktop. Your screen, files and clicks are locked with AES-256 before they leave your device, and only the device you connected to holds the key. Not the network, not the relay, not us — no one in between can see them. This page explains exactly how that works, in plain language.
What “end-to-end encrypted” actually means
Almost every remote desktop tool says it is “encrypted”. Usually that means the connection between your computer and the vendor’s servers is encrypted — the same way your browser talks to any website. That protects you from someone on your Wi-Fi, but it does not protect you from the servers in the middle: whoever runs them could, in principle, decrypt, inspect or record your session.
End-to-end encryption is a stronger promise. The two devices in a session — yours and the one you are connecting to — agree on encryption keys directly with each other. Everything that travels between them is sealed with those keys. Servers along the way only ever handle scrambled data they cannot open, because they were never given a key. With DoorDast, “no one can see your screen” is not a policy we promise to follow. It is a property of the math: we could not look even if we were ordered to.
The threat model, in plain language
Here is who could plausibly try to watch a remote desktop session, and what DoorDast’s design does about each of them:
- Someone on your network — a snooping café Wi-Fi, a compromised router, a workplace middlebox. They see only ciphertext, twice over: the end-to-end layer plus encrypted transport underneath it.
- Our relay servers. When two devices cannot reach each other directly, a DoorDast relay forwards the traffic. The relay moves sealed boxes without a key — it can count bytes, but it cannot open them.
- Us, DoorDast. Session keys are created fresh on your devices for every session and never sent to us. We cannot watch a live session, and we cannot decrypt a recorded one later.
- An impostor server. The app verifies it is talking to the genuine DoorDast service on every connection, so an attacker cannot slip in between and hand you fake keys.
What end-to-end encryption cannot do — and no honest vendor will tell you otherwise — is protect a device that is itself compromised. If the computer on either end has malware with screen access, encryption in transit does not help. DoorDast’s job is to make sure the connection between two healthy devices adds zero new eyes.
How a DoorDast session gets its keys
- You share a code. One side shares a short session code. The code is how the two devices find each other — it is not the encryption key.
- The devices agree on keys directly. Once matched, the two apps run a key exchange with each other. The resulting AES-256 session keys exist only on the two devices.
- Everything is sealed per frame. Video, input, files, clipboard and chat are each encrypted with authenticated encryption (AES-GCM), so tampering is detected, not just hidden.
- Keys die with the session. Every session starts a brand-new exchange. There is no master key, so nothing recorded today can be unlocked tomorrow.
What our servers can and cannot see
| Our servers see | Our servers never see |
|---|---|
| That two devices matched a session code | Your screen, in any form |
| Encrypted traffic volume (bytes forwarded) | Keystrokes, mouse input, or clipboard contents |
| Connection metadata needed to route the session | File names or file contents in a transfer |
| Version and health info the app reports | Chat messages |
| — | Session encryption keys, ever |
How this compares to other remote desktop tools
An honest comparison: every major tool encrypts traffic in transit, and several make end-to-end claims of their own. The differences that matter are whether end-to-end protection is the default, whether the operator’s infrastructure ever holds key material, and whether you can verify any of it. Check each vendor’s own security documentation — here is the landscape as they describe it:
| DoorDast | AnyDesk | TeamViewer | Chrome Remote Desktop | RustDesk | |
|---|---|---|---|---|---|
| Encryption in transit | Yes (QUIC/TLS + E2E layer) | Yes (TLS 1.2) | Yes (TLS/AES) | Yes (WebRTC/DTLS) | Yes |
| End-to-end by default | Yes, always — no mode to turn off | Vendor-described E2E; closed source | Vendor-described E2E; closed source | Session via Google infrastructure and account | Yes; self-hostable, open source |
| Fresh keys per session | Yes | Per vendor docs | Per vendor docs | Per session | Yes |
| Account required to be helped | No — a code is enough | No | Yes (free tier) | Yes, Google account both ends | No |
| Free for personal use | Yes, no session limits | Yes, with usage limits | Yes, with commercial-use detection | Yes | Yes |
If you want the deeper feature-by-feature picture, see our honest comparisons: DoorDast vs AnyDesk, DoorDast vs TeamViewer, DoorDast vs Chrome Remote Desktop and DoorDast vs Quick Assist.
Privacy is also about control, not just encryption
- Nothing happens without consent. A connection has to be accepted on the machine being reached — unless you deliberately set an access password for your own unattended computers.
- File access is permissioned separately. Watching a screen does not grant file access; the file manager only opens with your say-so, and the rest of the disk stays off-limits.
- View-only exists on purpose. Share your screen for a demo or a second opinion without handing over mouse and keyboard — including to a guest who joins from a browser with just a link and code.
- DoorDast hides itself from the share. The app’s own windows are excluded from capture, so your session controls, codes and chats never appear on the other person’s screen.
- No account needed. Guests connect with a code, full stop. Signing in is optional and only adds convenience — a device list, favorites, one-tap access.
Frequently asked questions
Can DoorDast employees see my screen?
No. Session keys are generated on your devices and never leave them. Our servers relay encrypted data they cannot decrypt — there is no admin tool, support mode or legal switch that changes this, because the capability does not exist.
Is the relay a weak point?
The relay only ever forwards ciphertext. Even a fully compromised relay could disrupt your connection, but it could not read your screen, your files or your keystrokes — the end-to-end layer is sealed before traffic reaches it.
What encryption does DoorDast use?
Sessions are protected with AES-256 in GCM mode (authenticated encryption) with fresh keys negotiated between the two devices for every session, on top of encrypted transport (QUIC, with an encrypted WebSocket fallback for strict networks).
Can an old, recorded session be decrypted later?
No. Keys are ephemeral — created for one session and discarded. There is no long-term key that could unlock past traffic, so recording ciphertext today buys an attacker nothing tomorrow.
Do I have to trust you on any of this?
Less than you’d think. The design means our honesty is not the security boundary: we hold no keys to hand over, leak or abuse. What you do trust is the app binary itself — the same trust you extend to any software you install — and we keep that surface small: no telemetry of session contents, no cloud recording, no server-side session storage.
Try it yourself: download DoorDast for Windows — free, end-to-end encrypted by default, connected in under a minute.