Open-source secret sharing
Stop sharing passwords in Slack, email, and ticket systems. Yopass encrypts secrets in your browser and generates one-time links that auto-expire.
Trusted by engineers at
The problem
Every day, passwords and API keys are shared through Slack, email, and ticket systems — stored in plaintext, searchable forever, accessible to anyone with access to the channel. Yopass gives you a better way.
Slack messages
Passwords pasted in channels, indexed and searchable by everyone in the workspace.
Email threads
Credentials forwarded and quoted, living forever in inboxes and backups.
Ticket systems
API keys dropped into Jira or ServiceNow, visible to every team member with project access.
How it works
Step 01
Type or paste your secret. It's encrypted in your browser using OpenPGP before anything leaves your machine.
Step 02
Get a unique one-time link. Send it through any channel — the decryption key never touches the server.
Step 03
The secret self-destructs after being viewed — or when the timer runs out. Nothing persists.
Features
Encryption and decryption happen locally in your browser. The server never sees your plaintext data.
Secrets have a fixed lifetime and are automatically deleted after expiration. Choose 1 hour, 1 day, or 1 week.
Secrets can only be downloaded once, eliminating the risk of unauthorized repeat access.
Generate a unique one-click link. The decryption key can optionally be shared via a separate channel.
No sign-ups, no tracking, no cookies. Only the encrypted secret is stored — nothing else.
Fully transparent. Audit the code, contribute features, or self-host with confidence on your own infrastructure.
Pricing
Yopass is open source and always will be. Need more? The business license unlocks branding and higher limits.
Everything in Open Source, plus: