iKryptiKrypt

Stop DM'ing passwords.

Send a secret once - the key never touches our servers.

🔐 The encryption key never leaves your browser

How it works

1

Paste your secret

API key, password, or any sensitive text

2

Set expiry

Choose when the link should self-destruct

3

Share the link

Send it via Slack, email, or anywhere

4

Get notified

Optionally know when it's opened

True zero-knowledge encryption

Your secrets are encrypted in your browser before leaving. We never see the key.

Key never leaves your browser

Encryption happens client-side. The key is only in the URL fragment, which is never sent to servers.

Self-destructing

After the view limit or expiry time, the secret is no longer retrievable.

Even we can't read it

We only store encrypted data. Without the key (which we never see), your secret is unreadable.

Perfect for

🔑
API Keys
🔒
Passwords
💳
Credentials
🗝️
SSH Keys
📝
.env values
🏦
Bank details
📜
TLS/SSL Certs
🤫
Anything secret

Frequently asked questions

Is it really secure?

Yes. We use AES-256-GCM encryption, and the key is only in the URL fragment (the part after #). URL fragments are never sent to servers in HTTP requests, so we literally cannot see your encryption key.

What happens after the link expires?

The secret becomes inaccessible and is scheduled for deletion. Even if someone has the link, there's nothing to retrieve.

Can you read my secrets?

No. We only store the encrypted ciphertext. Without the key (which we never receive), your secret is just random bytes to us.

Is it free?

Yes, iKrypt is free to use. We may introduce paid features for teams in the future, but basic secret sharing will always be free.