Sekretosekre.to
Sekreto

Frequently Asked Questions

Here you'll find answers to common questions about our service. Our goal is to make sharing sensitive information simple and secure.

General Questions

1. What is sekre.to for?

This is a free tool for securely sharing sensitive information like passwords, API keys, private notes, or any other piece of text you don't want to send over email or chat. You create a secret, get a special one-time link, and share it. The secret is then permanently destroyed after it's been viewed or after a set time.

2. Is this service really free?

Yes, it's completely free to use. There is no paid features or services available at the moment.

3. Do I need to create an account?

No. We don't require accounts to keep things fast, simple, and anonymous.

Security & Privacy

4. How secure is my secret? Can you see it?

Your secret is incredibly secure. We use end-to-end encryption, which means the secret is encrypted on your device before it's ever sent to our servers. The decryption key is part of the link you share, which we never see. This means we cannot read your secret, even if we wanted to. Only the person with the full, correct link can unlock it.

5. What happens to my secret's data?

When you create a secret, only the encrypted, unreadable version is stored on our servers. It's stored alongside its expiration rules, like the time limit or the number of views allowed. As soon as one of those limits is hit, the encrypted data is permanently deleted from our system.

6. What is a "key verification hash"?

Think of it as a digital fingerprint for the correct keys. When a secret is viewed, we check this fingerprint to make sure the link hasn't been tampered with and that the keys are valid before even trying to decrypt the message. It's an extra layer of security to ensure data integrity.

7. How is this better than just sending a password in a chat or email?

Emails and chats are often stored in multiple places and can be intercepted or read by service providers. Our method ensures:

  • End-to-End Encryption: The secret is never stored in plain text.
  • Self-Destruction: The secret doesn't live forever in someone's inbox; it automatically deletes itself.
  • Control: You decide exactly how many times it can be viewed and for how long.

Creating & Sharing Secrets

8. What is a "passphrase" and should I use one?

A passphrase is an optional password you can add to your secret for a second layer of security. If you use one, the recipient will need both the secret link AND the passphrase to open it.

  • When to use it: It's highly recommended. It protects the secret even if the link itself is accidentally exposed.
  • How to share it: You must share the passphrase separately from the link. For example, send the link via chat and tell the person the passphrase over a phone call.

9. What are the "View Limit" and "Time Limit" settings?

These are the rules for when your secret will be permanently deleted.

  • View Limit: The maximum number of times the secret can be viewed before it's destroyed. You can set this from 1 to 10 views.
  • Time Limit: A countdown timer for the secret's deletion. Options range from 15 minutes to 30 days.

The secret is deleted as soon as either limit is reached, whichever comes first.

10. What is the Secret Link and why is it so important?

The secret link is the key to your encrypted data. The long string of random characters after the # in the URL is the decryption key. Without this full, exact link, the secret is just unreadable gibberish and can never be recovered.

11. What happens if I lose the secret link?

If you lose the link, the secret is lost forever. We don't have a copy of the key, so we cannot recover it for you. You would need to create a new secret.

Receiving & Viewing Secrets

12. I received a link. What do I do?

Simply click the link. If it requires a passphrase, you will be prompted to enter it. Once you do, the secret will be revealed.

13. I entered the wrong passphrase. What now?

You have a limited number of attempts (usually 3) to enter the correct passphrase. If you use all your attempts, the secret will be permanently deleted as a security measure to prevent guessing.

14. I viewed the secret. What happens now?

The "view count" has gone down by one. If you were the last viewer allowed, the secret was permanently deleted the moment you viewed it. For your own security, it's a good practice to copy the information to a safe place (like a password manager) and close the browser tab.

Troubleshooting

15. Why does the link say the secret is "invalid" or "deleted"?

This error appears for a few reasons, all for your security:

  • The secret has already been viewed the maximum number of times.
  • The time limit has expired.
  • The link was tampered with, or you didn't copy the full URL.
  • The creator deleted the secret after sharing the link.

In all these cases, the secret has been permanently destroyed and cannot be recovered.

16. I clicked the link but nothing happened / I see an error about a missing key.

This usually means you did not copy the entire link. The decryption key is in the part of the URL that comes after the # symbol. Make sure you have the full, complete link from the sender.

When This Service Isn't Enough

17. Is there any reason I shouldn't use this service?

This tool is designed for quick, simple, and secure sharing of secrets between individuals. However, it's not a replacement for a long-term,enterprise-grade secret management system. For managing company-wide credentials, storing secrets for applications, or for secrets that need to be accessed by teams over a long period, you should consider more robust solutions.

18. What are some alternatives for more advanced needs?

For personal use, a dedicated password manager like Bitwarden or 1Password is the best way to store and manage your credentials securely.

For developers and businesses that need to manage API keys and application secrets, professional tools like HashiCorp Vault, AWS Secrets Manager, or Doppler offer features like audit trails, advanced access control, and integrations designed for those environments.

We encourage you to use the right tool for the job. For a one-off share, we've got you covered. For more complex needs, we recommend exploring dedicated solutions.