Security Policy

Security Policy

We are very security conscious and we take this very seriously. Some of the standard best practices we employ to protect our systems:

  • We use trusted, well respected Linux distributions (Debian in this case).
  • We keep our systems patched and up to date.
  • We use firewalls proactively and use a whitelist approach for limited access/services.
  • We follow security lists for our operating systems as well as any auxiliary tools we use.

We appreciate any feedback from you and take all suggestions and potential exploits very seriously.

F.A.Q.

We can't show it to you because we don't know what it is. When you create a secret with a passphrase, we immediately hash it. Since we don't store the passphrase, we have no way to show it to you. That also means when you include a passphrase, we have no way to decrypt your secret.

We display the value for you so that you can verify it but we do that once so that if someone gets this private page (in your browser history or if you accidentally send the private link instead of the secret one), they won't see the secret value.

The secret link will be available for 7 days or until it's viewed.

Burning a secret will delete it before it has been read. If you send someone a secret link and burn the secret before they view it, they will not be able to read it. In fact, it will look to them like the secret never existed at all.

We display the value for you so that you can verify it but we do that once so that if someone gets this private page (in your browser history or if you accidentally send the private link instead of the secret one), they won't see the secret value.