🔒 Security Error

This application requires a secure context (HTTPS) to run.
Please host this file on a web server or use a service like GitHub Pages. Do not open it as a local file.

❌ Loading Error

Share a Secret

0
👁️

Unlock Secret

👁️

Decrypted Secret

This secret will not be saved. Copy it now.

Loading...

How It Works & Security Recommendations

How It Works

This tool uses strong, modern, end-to-end encryption to protect your secrets. Here's the security model:

  • Client-Side Encryption: All encryption and decryption happens directly in your browser. The server never sees your password or your unencrypted secret.
  • Zero-Knowledge Server: The website itself is just a static file. It has no database and stores no information about you or your secrets.
  • Strong Cryptography: Your password is used to derive a key with Argon2id (a modern key derivation function). Your secret is then encrypted with that key using AES-256-GCM, a military-grade encryption standard.
  • Data in URL: All the data needed to decrypt the secret (the encrypted text, salt, etc.) is stored in the URL fragment (#), which is never sent to the web server.

Important Security Recommendations

  • Secure Channel Transmission: For maximum security, send the generated link and the password through different communication channels. For example, email the link and send the password in a separate text message.
  • Browser Extension Risk: Malicious browser extensions can potentially read data from your screen or intercept what you type. For highly sensitive secrets, consider using a private/incognito browser window, which typically disables extensions.
  • Phishing Awareness: Always verify that the URL in your browser's address bar is correct before entering a password. An attacker could create a clone of this website on a different domain to try and steal your secrets.