Create a client-side encrypted one-time link to a secret

Safely send credentials, API keys and other secrets over the wire

Length exceeded, please use a shorter secret.

  Log in to access all settings and features like message, expiration time, notifications, custom layouts and API.

Make sure the secret you send stays secret.

Client-side encryption and decryption

All encryption and decryption is performed in the browser.

Half of the encryption key is stored in the link itself and never sent anywhere. Viewing the secret is not possible without the original link.

One-time link, always

The link can only be opened once. This ensures nobody has opened it before the recipient.

The encrypted secret is deleted from our database when it has been viewed. There's no way to view it again.

No more archived messages containing valid credentials

Sending secrets in plain text exposes them to threats even after the message has been long forgotten.

Using a one-time link ensures that there are no valid credentials lying around in email inboxes or archived instant messages.


We never store more user data than is absolutely needed to run the service.

No analytics scripts or codes - we do not track our users.

Perfect for IT teams big and small.

The common situation - you need to send credentials over email or Slack. But how can you know if someone was eavesdropping and read the message and the credentials? And how can you know when and who viewed the credentials?

Using our service you can create a one-time link to the credentials and be sure nobody sees them before the recipient. You can also configure notifications to be sent via different channels so you know when the credentials have been viewed, and by who.

You can completely hide our branding and add your own, and you can also customize the content of the pages your users see when they view the credentials.

Want to integrate our service directly into your software, or want to perform the encryption and decryption outside of our service? No problem - we have an easy to use REST API just for that.

Delivering secrets since 2016.

Refic Oy (VAT ID FI27358926, based in Finland) has been working on the service since 2016. During this time the service has grown to be the number one tool for sending secrets for many IT companies all around the world. We continue to improve the service with one primary goal in mind: keep it simple and secure.