Zero-Knowledge · Self-Destructing · End-to-End Encrypted

Share secrets.
Not risks.

Passwords, API keys, and sensitive data - transmitted securely via links that self-destruct after the first view.

Try it now How it works

How do you share sensitive data today?

📧

Via email

Stays in the inbox forever - yours, the recipient's, and possibly a few others.

💬

Via chat or SMS

Synced to the cloud, searchable, rarely truly encrypted.

📄

In a document

Passwords in tickets, Notion, or Google Docs - a data breach waiting to happen.

How it works

Three steps.
Zero friction.

✍️

Enter your secret

Type your password or API key into the text field. Your browser encrypts it immediately - before it ever reaches our servers.

🔗

Share the link

You receive a one-time link. Send it via email, Slack, or SMS. The decryption key lives in the link - and never leaves your browser.

💥

Open & vanish

The recipient opens the link, reads the secret - and it is immediately and permanently deleted. A second request returns nothing.

In practice

From you to the recipient -
without detours.

The server only ever sees encrypted data. The key exists only in the link.

You (sender)

db_password=xK9#mP2$qR7
host=prod.db.internal

🔐 Encrypt & create link

→

send link

Recipient

sentrashare.net/s/a7f3k#kY9xQp2mR...

db_password=xK9#mP2$qR7

← hover to unblur · afterwards: deleted

Why SentraShare

Security without
compromise.

🔒

End-to-end encrypted

Encryption happens in your browser. We only ever store unreadable ciphertext - even if we wanted to, we could not read your data.

💣

Self-destructing

After the first view the secret is permanently deleted. No second retrieval, no backup, no second chance - by design.

⏱️

Custom expiry

You decide how long a link stays valid - from one hour up to 90 days. After that, everything is deleted automatically.

🔑

Optional passphrase

Double security: in addition to the link, the recipient can be required to enter a passphrase you share through a separate channel.

📨

Request links

Ask someone to send you a secret - without you or us ever seeing the content. The recipient's key stays with the recipient.

🔌

API & integrations

Seamless integration into your DevOps pipelines, CI/CD systems, or custom applications via REST API.

Technology

We know nothing.
By design.

Zero-knowledge means: even if our servers were compromised, there would be nothing to steal. The key never exists on our side.

✍️

You type

The secret briefly lives in browser memory

🔐

Browser encrypts

AES-256-GCM, key randomly generated client-side

📤

Only ciphertext sent

Unreadable encrypted bytes go to the server

🔗

Key in the link

In the URL fragment - which no server ever receives

👁️

Decrypted by recipient

Only in the recipient's browser, nowhere else

What lives on our server: Unreadable encrypted bytes, an expiry timestamp, and a view counter. No plaintext. No key. No metadata about the content.

Pricing

Start for free.

No credit card required. Upgrade anytime when you need more.

Free

^€0

forever free · no card needed

For anyone who needs to share secrets securely

Secrets3 / hour

Max TTL24 hours

Max views1 (one-time)

Max size1 KB text

One-time encrypted links
Zero-knowledge encryption
Self-destructing secrets
Dashboard & audit log
File upload
Passphrase protection
Multi-user workspace

Start for free

No registration required

Need more power?
Upgrade your plan.

Unlock longer TTLs, higher rate limits, file uploads, passphrase protection, multi-user workspaces, and a full audit log - starting at just €9/month.

✓ Basic - €9/mo · 50 secrets/hour · 7 day TTL

✓ Professional - €19/mo · file upload · passphrase

✓ Enterprise - €49/mo · 1000/hour · audit export

View all plans & pricing →

30 days free trial on all paid plans · Cancel anytime

Frequently asked questions

Can I read the content of a secret after creating it? +

No. Once a secret is created, the decryption key only exists inside the share link. Even we cannot read the content. After the first retrieval, everything is deleted.

What happens if the recipient accidentally opens the link? +

The secret is consumed and cannot be retrieved again. You would need to create a new secret and send a new link. As the sender you can also delete the secret manually beforehand using the delete token.

Is the service GDPR-compliant? +

Yes. We store minimal metadata, no personal content, and all data is automatically deleted after the expiry date. Server infrastructure is located in the EU.

I'm sending the link via email - is it still safe? +

The link is single-use, which is already far safer than sending a password in plain text. For maximum security we recommend the passphrase option: send the link via email and the passphrase via SMS or phone - anyone who only intercepts the email cannot access the secret.

Can I integrate the API into my own application? +

Yes, from the Professional plan onwards. We offer a REST API for integration into DevOps pipelines, deployment scripts, or custom applications.

Share secrets.Not risks.