Plaintext stays in your browser until you encrypt. Choose a passphrase — share it on a separate channel.
Step 02 / 03
Encrypted. Publish once.
AES-256-GCM with a key from PBKDF2-SHA256 (310,000 iterations). When you create the link, the ciphertext is stored once on the server and deleted on first read.
Ciphertext (v1)
Algorithm
AES-256-GCM, random 96-bit IV
KDF
PBKDF2-SHA256 · 310k iter · random salt
Plaintext
Cleared from the form after encrypt
Passphrase
Never sent to us. Share separately.
Step 03 / 03
Your link.
Send this URL by one channel and the passphrase by another. Opening the link consumes the ciphertext — refresh or a second visit returns nothing.
—
Do not send the passphrase in the same message as this link.
Decrypt
Unlock locally.
If you opened a one-time link, the encrypted text was loaded from the server. Decryption runs only in your browser.
You opened a one-time link. Fetching encrypted text…