What is One Time Link?
- If you ever need to send a password or a secret note with sensitive information to someone that you can not send it over email or chat, you can now use our Secret Share tool to generate a one time link.
- Sharing sensitive info via email or chat are not secure as anyone can intercept and store that information. Using our Secret Share as the extra layer to safely and securely transfer the data to your recipients, just generate link and share online.
How secured is the stored note?
- The secret note is encrypted in the browser prior to sending to our server to store AND encrypted again on server side prior to actual storage (i.e. 2-layer encryption), only available once to those you share the secret link with and only your secret link can decrypt the stored notes:
- The notes are completely secured and even we can’t decrypt it.
- Part of the encryption key is stored in the link itself and never seen by us or anyone else.
- Viewing the secret note is not possible without the original link.
- Once expired or viewed, the encrypted secret notes and passphrase will be deleted from our database forever (self destruct link), there’s no way to view it again^. This ensures nobody has opened it before the recipient and nobody can open it again afterwards. One-time link, always!
- Only share your secret note or password, do not share or mention all other information together (eg: username, platform of the password, your organisation, etc.), which can compromise security. Instead, break them into multiple notes and share them separately if needed.
- If you have set a passphrase (recommend using our Password Generator), it’s recommended sending the one-time link and the passphrase via different mediums, eg: one-time link via email and passphrase via message, to maximise the security.
We adopt Advanced Encryption Standard (AES)
The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.
AES is a variant of the Rijndael block cipher developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen, who submitted a proposal to NIST during the AES selection process. Rijndael is a family of ciphers with different key and block sizes. For AES, NIST selected three members of the Rijndael family, each with a block size of 128 bits, but three different key lengths: 128, 192 and 256 bits.
AES has been adopted by the U.S. government. It supersedes the Data Encryption Standard (DES), which was published in 1977. The algorithm described by AES is a symmetric-key algorithm, meaning the same key is used for both encrypting and decrypting the data.
In the United States, AES was announced by the NIST as U.S. FIPS PUB 197 (FIPS 197) on November 26, 2001. This announcement followed a five-year standardization process in which fifteen competing designs were presented and evaluated, before the Rijndael cipher was selected as the most suitable (see Advanced Encryption Standard process for more details).
AES is included in the ISO/IEC 18033-3 standard. AES became effective as a U.S. federal government standard on May 26, 2002, after approval by the U.S. Secretary of Commerce. AES is available in many different encryption packages, and is the first (and only) publicly accessible cipher approved by the U.S. National Security Agency (NSA) for top secret information when used in an NSA approved cryptographic module (see Security of AES, below).
^ The data won’t be even stored in our backup databases, so forever means not able to be undone or recovered.
Part of the documentation uses material from the Wikipedia article “Advanced Encryption Standard”, which are released under the Creative Commons Attribution-Share-Alike License 3.0.