secretsecret is a toy project, a service that allows you to share secrets with your colleagues in a secure but simple way. Your secrets NEVER leave your browser unencrypted.
Only the encrypted version is temporarily stored in a Redis cache. Assuming you choose password that is long and unique enough, it is impossible for me to decrypt the secret.
Visit service homepage, then:
- Type the secret that you want to share
- Type password used to encrypt your secret
- You can modify default expiration and self-destruct options, or leave default values
- Click 'encrypt'
- Share the provided link and password used in step 2 with your team mates.
- Open the received secretsecret link.
- Type password you received from a person who gave you the link.
- Click "decrypt" to see the secret.
This app was built with Astro, Svelte and Vercel KV. You can fork this project and deploy your own version to Vercel in a matter of minutes, at almost zero cost.
Q: How secure is SecretSecret?
A: Thanks to client-side encryption, your secret never leaves your browser unencrypted, making it extremely secure.
Q: What happens if the recipient doesn’t open the link?
A: The secret remains encrypted on our servers until it is read or until it expires. Links expire after at most 7 days.
This project is licensed under the MIT License - see the LICENSE.md file for details.