Zero-knowledge secret sharing
Vault shares passwords and secrets with end-to-end encryption. Encrypted right in your browser, the server never sees the plaintext and links expire automatically.
01The problem
A quick password over email, an API key dropped into the team chat, the Wi-Fi credentials on a sticky note: in everyday work, sensitive data is constantly shared the most convenient way rather than the safest. That is exactly where the risk begins.
Emails and chat messages stick around. They live in inboxes, on servers, in backups and in chat history, often for years. Anyone who later gains access to a single one of those inboxes also gets the password you sent months ago. A secret you have shared once cannot be recalled.
Shared documents, note apps and spreadsheets are no safe home for credentials. They get forwarded, copied, shared with too many people and rarely cleaned up. One open link or one wrong permission is enough for passwords, recovery codes or customer data to become visible to the wrong people.
The consequences range from compromised accounts to data breaches to real financial damage. It is rarely a targeted hack - usually it is simply a secret that sat too long in a place that was too accessible. Vault closes exactly that gap.
02How Vault works
Vault follows the zero-knowledge principle: your secret is encrypted before it ever leaves your device. No installation, no account - open, type, share the link.
You enter your password, API key or confidential message right in the browser. Nothing is uploaded as long as nothing has been encrypted yet.
Vault encrypts the content locally on your device with strong AES encryption. The key stays with you and becomes part of the link, not part of the server.
You receive a one-time link to pass on through any channel. The server only ever holds ciphertext, which is worthless without the key inside the link.
The recipient opens the link, the content is decrypted in their browser - and afterwards the link expires or destroys itself. No secret is left behind.
03Security & zero-knowledge
Zero-knowledge means exactly that: we know nothing. All encryption and decryption happens client-side in your browser using the established AES standard. The key never leaves your device and is only ever carried inside the link, which is never sent to our server. The server holds nothing but unreadable ciphertext.
You need no account and no registration. There are no profiles, no password database and no login that could be compromised. Anyone who wants to share or open a Vault link needs nothing more than their browser. Less stored data means a smaller attack surface.
Every link is ephemeral. It expires after a set time or after the first view, depending on the setting. A secret stays reachable only for as long as it has to be, and is then gone for good. One-time access and automatic expiry are not an add-on, they are the core of the concept.
04Use cases
Anywhere a secret needs to get from A to B without leaving a trail along the way.
Give colleagues access to an account without leaving the password in chat or email. The link opens once and is gone afterwards.
Hand API keys, database credentials or server access to contractors and developers securely, instead of copying them into tickets or repositories.
Send 2FA backup codes or recovery keys so they disappear after reading rather than sitting permanently in an inbox.
Hand customers the credentials to their system or account in a way that is professional and verifiably secure.
Share information that should be read exactly once - a PIN, a temporary password, a confidential access.
Send confidential text, personal data or internal notes without them lingering as plaintext in any history.
05Why Vault
Vault is free to use. No account, no sign-up, no payment details - open it and get started right away.
Security is not bolted on, it is the foundation. The architecture is built so we cannot see the plaintext at all, even if we wanted to.
Vault runs in any modern browser. No app, no extension, no IT approval required.
Vault grew out of our own work on secure business software. The same people who build custom web tools for SMEs stand behind Vault.
06Common questions
Yes. Vault encrypts your content with the established AES standard right in your browser before anything is transmitted. The key never leaves your device and is only ever passed on inside the link. The server holds nothing but unreadable ciphertext.
No. Following the zero-knowledge principle, only encrypted content without the matching key ever reaches the server. Neither we nor anyone with access to the server can read the plaintext.
Every link is ephemeral. It expires after a set time or after the first view, depending on the chosen setting. After that the content is deleted for good.
No. Vault works entirely without registration or login. You open the page, enter your secret and share the link - nothing else is needed.
As soon as the recipient opens the link, the content is decrypted in their browser and the link expires or destroys itself. Opening it again no longer shows any secret.
No. Vault is free to use - with no payment details and no hidden limits on sharing secrets securely.
The server only holds the encrypted content until the link expires or is opened. The plaintext is never stored and the key never reaches the server.
Yes. Vault is especially suited to sharing passwords, API keys and credentials within a team or with external partners, without them lingering in chat histories or inboxes.
07Get started
No account, no installation, no risk from passwords left lying around. Open Vault and share secrets the way it should be: encrypted, one-time and ephemeral.
Custom software. Built to last.