About 1time.io

Secure one-time secret sharing, built for simplicity.

Why 1time.io?

Every day, millions of passwords and secrets get shared through email, Slack, and text messages — channels that store data indefinitely and are vulnerable to breaches.1time.io solves this by creating encrypted, self-destructing links that work exactly once.

We built 1time.io because sharing secrets should be as easy as pasting text into a box. No accounts, no setup, no learning curve. Just paste, share, done.

How it works

  • You type or paste your secret into the message box
  • Your browser encrypts it with AES using a unique generated key
  • Only the encrypted ciphertext is sent to our server
  • You get a one-time link containing the decryption key
  • Your recipient opens the link — their browser decrypts the message
  • The encrypted data is permanently deleted from our server

Security by design

  • End-to-end encryption: your data is encrypted in the browser before transmission
  • Zero-knowledge: we never have access to your plaintext data or encryption keys
  • One-time access: each link can only be opened once, then the data is destroyed
  • Auto-expiry: even unread messages are automatically deleted after your chosen period
  • Optional passphrase: add a second layer of protection with a shared passphrase
  • No accounts required: no personal data collected, no tracking

Open source

1time.io is open source. You can inspect the code, verify the encryption implementation, or host your own instance. Transparency is a core part of our security model. Check out the source on GitHub.

Command-line interface

Share secrets directly from your terminal with the 1time CLI. Install it with npm install -g @1time/cli, then pipe secrets in and get a one-time link back. Same end-to-end encryption as the web app — your secret is encrypted locally before it ever leaves your machine. Works with self-hosted instances via the --host flag.

Use cases

  • Sharing passwords with team members or clients
  • Sending API keys and access tokens securely
  • Transmitting SSH keys or certificates
  • Sharing two-factor backup codes
  • Sending database credentials during onboarding
  • Any situation where sensitive text needs to be shared once
Create a secret link