Frequently Asked Questions
Why should I use this service?
Sharing secrets is delicate. You don't want sensitive information (confidential information, passwords, access tokens, key combinations, confessions, etc.) to stay in your Slack channel, Whatsapp chat log, inbox, or any other communication channel. A one-time disposable link guarantees that your secret is only viewed exactly once, before being permanently destroyed.
Use this service in case you want to…
- Share your Netflix password with a family member.
- Send a private message from a public computer.
- Confess to a secret crush.
- Transmit information that could be used against you.
What is the difference to disappearing messages on Signal or Whatsapp?
Anonymity, privacy and security. Plain text messages within a chat log can always get tracked back to you. There are many scenarios where even disappearing messages are a risk factor: Do other people have access to your phone sometimes? What if you lost your phone? Or even worse, your phone might be compromised on an operating system level. With scrt.link you will always just have a link in your conversation history. After the link has been visited once, it will lead to a 404 error page. There is no way of accessing the original content.
What is the difference to Snapchat?
Same answer as for the previous question. Also, the business model behind Snapchat, and every other major social media platform, contradicts the idea of privacy and anonymity. Social media companies need to know their users in order to sell ads.
However, it is fine to share a generated secret link using Snapchat, Facebook, Instagram, Telegram, etc.
How does the service work?
After you submit the form your secret will be encrypted and stored. You can now share the generated short link via text message, email or whatever service you trust. (We recommend Signal, Threema or Matrix.) After the recepients clicks the link, the message gets displayed and permanently removed from the database.
For extra security, you can include a password that will be needed to decrypt the message. (We recommend to share the password via a different channel then the link.)
What is the difference between Message, URL Redirect and Neogram™?
- Message: This is the standard mode. It's the preferred way to share passwords and similar kind of secrets. The recepient has the option to copy the secret. Demo
- URL Redirect: Think about it as a URL-shortener where the generated link only works once.
- Neogram™: Digital letter-style message that automatically burns after reading. Use it for confidential notes, confessions or secret love letters. Demo
How secure is your service?
All messages are end-to-end encrypted using AES-256, which is virtually impenetrable using brute-force methods. AES would take billions of years to break using current computing technology. For the highest level of security, an optional password (which is never stored either) will be used to encrypt your message. Read more on our Security page.
How is end-to-end encryption achieved?
We generate two random strings, one to identify your secret in the database and one to encrypt your message. We don't store the encryption key. Only with the full link you are able to descrypt the secret.
Can I retrieve a secret that has already been shared?
Nope. It's a one time secret. We show it once and then delete it permanently from the database. There is no backup. It's gone for good.
What is the maximum message size?
The current limit is 280 characters.
Can I get notified when a secret has been viewed?
Yes, you can get SMS or Email notifications with an account. Go to Account
Can the recepient save the message?
Sure. You can always take a screenshot. The idea behind this service is to securely share sensitive information one time. We (obviously) don't have control over what a recepient does with the message.
How long do you keep non-viewed secrets?
Until the end of times. Seriously, there is no maximum time limit set. But you can always destroy your secret by visiting the secret link.
Who is behind this service?
Hi, it's @stophecom, web developer and designer who cares about privacy and the open web.