Client-side encrypted. No account required.

Send a private note that disappears after it is opened.

0 characters

Create a secure, self-destructing link for passwords, API keys, personal notes, and confidential handoffs. The key stays in the recipient link, never on the server.

The message is encrypted in the browser with AES-256-GCM before upload, and the server only stores ciphertext. You can set a view limit, expiry time, and optional password for extra protection.

Browser encryption

AES-256-GCM runs before upload, so the server only stores ciphertext.

Fragment key

The decryption key lives after # in the URL and is not sent with HTTP requests.

Disposable by design

Use one read, timed expiry, or a small view limit for temporary handoffs.

Built for sensitive handoffs

Share passwords

Send a temporary credential without leaving plaintext in inboxes or chats.

Physical handoff

Create a QR code for labels, packages, events, or face-to-face sharing.

Private notes

Write a sensitive note that disappears once the recipient has read it.