How SecLink Works.

Everything you need to know about creating and sharing self-destructing secrets.

WEB UI
NO ACCOUNT
FREE TO USE

What is SecLink?

SecLink is a web-based tool for sharing sensitive information — passwords, API keys, private notes — via a one-time link that permanently self-destructs after the recipient views it. No account required. No data stored in plain text. Ever.

How to Share a Secret

Everything happens on the homepage. Here's the flow:

  • Step 1 — Paste your secret: Type or paste anything into the text area. Your text is encrypted inside your browser before anything is sent.
  • Step 2 — Set expiration: Choose how long the link stays alive — Single View, 1 Hour, 24 Hours, or 7 Days.
  • Step 3 — Optional passcode: Add a passcode for an extra layer of protection. The recipient will need to enter it before the secret is revealed.
  • Step 4 — Copy and share: Click "Create secure link", then share the generated link with your recipient over any channel.

What Happens When the Link is Opened

The recipient opens the link in their browser. If you set a passcode, they'll be prompted to enter it first. Once they confirm they're ready, the secret is decrypted entirely in their browser and displayed. If the expiry is set to Single View, it is permanently deleted from our servers at that exact moment — it cannot be viewed again.

Expiry Options

  • Single View: Destroyed the instant the recipient opens it. Most secure option.
  • 1 Hour: Auto-deleted 1 hour after creation, whether viewed or not.
  • 24 Hours: Auto-deleted 24 hours after creation.
  • 7 Days: Auto-deleted 7 days after creation.

Passcode Protection

Adding a passcode means even if someone intercepts the link, they cannot decrypt the secret without also knowing the passcode. Share the passcode through a separate channel (e.g. SMS, phone call) for maximum security. We store only an irreversible hash of the passcode — never the passcode itself.

Reporting Abuse

If you received a SecLink link containing harmful or illegal content, you can report it directly from the receiver page. Reported links are reviewed and removed. You can also submit a report via:

POST /api/report

{
  "linkId": "the-link-id",
  "reason": "spam | illegal | harassment | other",
  "description": "optional details"
}

Browser Requirements

SecLink uses the Web Crypto API built into all modern browsers. No plugins or extensions are needed. Supported on Chrome, Firefox, Safari, and Edge. Private/incognito mode works fine.

Is there a public API?

Not yet. A developer API is planned for a future release. For now, SecLink is a web-only tool. If you're interested in API access, reach out at hello@datafort.cloud.