Locked in your browser.
Opened in theirs.

Most tools that do this encrypt your secret and then keep the key next to it. We built ours so that we cannot read what you send, even if we wanted to, even if someone made us.

Three things happen, in this order.

Locked before it leaves

Your browser generates a random key and encrypts the secret with it. Only the locked result is sent to us. The plaintext never crosses the wire.

The key rides in the link

It goes in the part after the #, which browsers are not allowed to send to a server. It reaches your recipient without ever reaching us.

Then it stops existing

Once the last view is spent, the record is deleted. If nobody opens it, it expires on its own. Either way it does not sit in a thread forever.

Most tools encrypt your secret.
They also hold the key.

That is the ordinary way to build this, and it works right up until somebody gets into the database, or a court asks the operator to hand something over. The operator can comply, because they can read it. We cannot.

What we store
A ciphertext blob, a view counter, an expiry time.
What we never see
The key, the passphrase, the note, or your secret.
Where it runs
Azure, in Australia. Built by NextPoint IT.

You decide how long it lives.

View limits

One read by default. Raise it to ten when a whole team needs the same credential.

Expiry

An hour, a day or a week. The clock runs whether or not anybody opens the link, so nothing lingers.

A note for them

Tell the recipient what they are looking at. It is encrypted with the secret, so we cannot read it either.

A name for you

Give the secret a private name only you can read. Encrypted with your password, in your browser, before it is sent.

A passphrase

Split the secret across two channels. Send the link by email and say the passphrase over the phone.

Early destruction

Burn it the moment you are done, from either end, instead of waiting for the timer to run out.

The awkward questions.

What happens if I lose the link?

Nothing we can do. We do not have the key, so we cannot open your secret and we cannot email you a copy. Send a new one. That is a feature, not a gap.

Can NextPoint IT staff read what I send?

No, and not by policy but by maths. The key never reaches our servers, so there is no button anyone here could press, and nothing useful to hand over if we were compelled to.

Will a link preview in Teams or Outlook burn my secret?

No. Opening the link only shows a holding page. The secret is not fetched until a human clicks reveal, so scanners and previewers cannot spend the view for you.

Is the code visible to anyone who looks?

Yes, and that is deliberate. Security here comes from the key, not from hiding how the lock is built. Any system that depends on you not reading its source is already broken.