Send password securely

Passwords should not live forever in inboxes, ticket comments, or chat transcripts. A self-destructing encrypted link gives the recipient a short window to retrieve the secret and then removes the stored ciphertext.

Recommended handoff flow

1

Create the password in the system where it will be used.

2

Paste it into a self-destructing message and keep the default one-read expiry.

3

Use a separate channel for any extra password.

4

Ask the recipient to confirm access, then rotate or revoke temporary credentials.

Best practices

  • Use a one-time encrypted link instead of email or chat history.
  • Set the link to expire after the recipient opens it.
  • Add a password for higher-risk credentials.
  • Rotate the password after handoff whenever the system allows it.

Good fit for

  • Temporary app passwords
  • Initial admin credentials
  • Database or hosting panel access
  • API keys that need a short handoff window
The full link is the secret.
The decryption key is stored after the # fragment. Share the complete link only with the intended recipient.
Create secure password link