This website allows you to send messages which may contain sensitive information securely.
Once you've submitted your secret, we will take any information you have entered (Secret, Email, etc) and encrypt it with AES-256-CBC, locking it behind a special passphrase which is required for decryption.
Next, after the information is encrypted, we will supply you a one-time-use link which you can send to someone who you want to see your secret message.
When someone uses the link that you gave them, they will arrive at a page with a "Reveal Secret" button. Once this button is clicked, the secret is revealed to the user and is then immediately deleted from our database forever.
We generate our passphrases using a service called PasswordWolf
We NEVER store the passphrase that we generated ANYWHERE. It is only available in the link that is given to you.
If you submit a secret and lose the link to view the secret before giving it to anyone, we CANNOT recover it.
Yes. Unrevealed secrets may be deleted automatically after 60 days.
We do not store ANY personally identifying information.
We do not serve ads, or have any scripts running which try to identify any personal information.
Our database has 1 table which has a total of 4 columns.
"uid" - int - Not Encrypted
"secret" - text - Always Encrypted
"email" - text - Always Encrypted
"timestamp" - timestamp - Not Encrypted