Why is this useful?
Instead of secrets being sent by email, in support systems, via instant messaging services or the like, a unique link is sent instead, which only works once.
This way, only an unusable link will remain protecting the secret from further prying eyes.
Why should we trust you?
We built this service to solve our own problem of sharing secrets with customers. We know trust is a thing, so we open sourced the whole project for any peer review.
If you find something, please let us know or send a pull request and we'll get it fixed.
Are secrets stored?
Yes, but only encrypted with a one way cipher that we don't store the key for. The only copy of the key is sent to the receipient you specify.
Once the secret is read by the recipient, we even delete the encrypted version from the database, just leaving the meta data behind so in future versions you can have a dashboard to see what you sent to whom (coming soon).
How much does this cost?
It's free for you to use to send secrets to whomever you want - we just ask that you don't do anything that could be against the law or harrass anyone with this service.
There is a paid version on the horizon that handles files as well, stay tuned :)
Can we run our own copy?
Of course, there is a GPL licensed version, we just ask you don't compete with this service in doing so by only use it internally for your staff and clients.
We trust you to do the right thing :)
Can you help us set this up?
Sure, contact us to get more information about our Ruby on Rails OpsCare and CodeCare services.
We are experts at keeping critical Rails applications online.