Have you ever needed to share some private information, but needed to make sure it was shared securely?
Maybe you had to test something quickly, but didn’t need to maintain the password?
Or, perhaps you had a sensitive message, private link, or password you wanted to share with one person?
I’ve had that happen to me multiple times over the past few weeks. And it happened again this morning on a phone call.
And that’s when I remembered One-Time Secret, a site anyone can use to transfer or share sensitive information safely.
Created by Delano Mandelbaum in 2012, One-Time Secret lets you send passwords, private links, or messages safely and securely.
You can send messages without creating an account, or you can set up a free account. Paid plans are also available.
Messages are limited to 25K for anonymous users, 50K for users with free accounts. Paid users get more space, but I could’t find info on the website for the limits.
You even have the option to encrypt the message with a passphrase, available under Privacy Options.
Why Use One-Time Secret?
When you use email to send passwords or messages, copies of that information are maintained in different places.
Which means the information you send in email isn’t secure.
With One-Time Secret, the link only works once for a single viewing.
It can’t be read by anyone else at a later time. Once the information is displayed, it’s deleted.
Secrets don’t last forever. They’re maintained for seven days for anonymous users; 14 days for users with free accounts. After that, secrets are deleted forever.
One-Time Secret is a great tool for remote teams that need to test code one time and need to transfer passwords, but don’t need to maintain passwords.
The code is open-sourced and available on GitHub, so you can set up your own instance of One-Time Secret.
What You Need to Know
You can use One-Time Secret without creating an account. But if you choose to create a free account, it’s quick to set up.
I smiled when I saw their confirmation message.
Be mindful of what you share. It’s not a good idea to share a personal password you use across accounts like your bank, credit card, and credit union.
You can “burn a secret”, which means you can delete it before it’s been read. Maybe you’ve created a secret, but changed your mind after you sent the secret link.
When you burn the secret, they won’t be able to read it.
I can see lots of uses for One-Time Secret with my clients, who want to share a password with me quickly. Or when I need to send them sensitive information about their website.
What do you think of One-Time Secret? How could you use it?