Pass It Around
Share secrets securely. Your data is encrypted in your browser before it ever leaves your device. The server never sees your secrets in plaintext.
Client-Side Encryption
Your secrets are encrypted using AES-256-GCM directly in your browser. The server only stores encrypted data it cannot read.
Text and Files
Share text snippets, passwords, API keys, or upload files. Multiple files can be shared at once in a single encrypted package.
One-Time Links
Secrets can be set to self-destruct after a certain number of views, or split into multiple one-time-use links.
Receive Mode
Create a submission link so someone can securely send you a secret or file, even if they do not have access to the app themselves.
Password Protection
Optionally protect secrets with a password for an additional layer of security beyond the link itself.
No Accounts Required
No sign-ups, no tracking, no cookies. Just open the app, share your secret, and close the tab.
How It Works
- You type or upload your secret. Your browser generates a random encryption key and encrypts everything locally using AES-256-GCM.
-
The encrypted data is sent to the server.
The server stores the ciphertext but never receives the encryption key. The key is embedded in the link fragment (the part after the
#), which browsers never send to servers. - You share the link. The recipient opens the link, and their browser downloads the ciphertext, extracts the key from the URL fragment, and decrypts everything locally.
Quick Start
- Open the app in your browser.
- Type or paste your secret in the text area, or switch to the File tab to upload files.
- Set your options: add a password, choose how many times the link can be viewed, and set an expiration time.
- Click "Create Secret" and copy the link that appears.
- Send the link to your recipient through any channel (chat, email, etc.).
For more details, see Sharing Secrets or Installation to set up your own instance.
Open the App