Send password securely
Passwords should not live forever in inboxes, ticket comments, or chat transcripts. A self-destructing encrypted link gives the recipient a short window to retrieve the secret and then removes the stored ciphertext.
Recommended handoff flow
1
Create the password in the system where it will be used.
2
Paste it into a self-destructing message and keep the default one-read expiry.
3
Use a separate channel for any extra password.
4
Ask the recipient to confirm access, then rotate or revoke temporary credentials.
Best practices
- Use a one-time encrypted link instead of email or chat history.
- Set the link to expire after the recipient opens it.
- Add a password for higher-risk credentials.
- Rotate the password after handoff whenever the system allows it.
Good fit for
- Temporary app passwords
- Initial admin credentials
- Database or hosting panel access
- API keys that need a short handoff window
The full link is the secret.
The decryption key is stored after the # fragment. Share the complete link only with the intended recipient.