How one-time links work
1
You enter the secret — Password, API key, credentials, or any sensitive text
2
System generates a unique link — Secret is encrypted and stored temporarily
3
You share the link — Via any channel (email, Slack, text—it's just a link)
4
Recipient opens link — Secret is displayed and immediately deleted
5
Link expires — Can never be used again (even by you)
Why this is more secure
One View Only
The secret can only be viewed once. If someone intercepts the link, the legitimate recipient won't be able to view it—alerting you to compromise.
Time-Limited
Links expire after a set time (usually 24 hours) even if never viewed. No forgotten passwords sitting in links forever.
Encrypted Storage
The secret is encrypted at rest. Even if the database were compromised, the actual passwords remain protected.
No Storage History
Unlike email or chat, there's no permanent record. Once viewed, the secret is gone from the system entirely.
When to use one-time links
Sharing login credentials with new team members
Sending API keys or service credentials to developers
Providing WiFi passwords to guests or contractors
Sharing temporary access codes
Sending any sensitive information that shouldn't persist