onetimesecret.com

One-line Introduction

OneTimeSecret.com is an open-source one-time secret sharing platform created by a US-based developer. Its core function is to let users create an encrypted message and generate a link that can be viewed only once; after the message is read, it is automatically destroyed. It is designed for securely sending sensitive information—such as passwords, API keys, and private notes—and emphasizes a “burn after reading” privacy model, making it suitable for users who do not want to leave permanent traces in chat histories or email.

Business Overview

OneTimeSecret was founded by a US developer and has been online since around 2010, positioning itself as open-source, lightweight, and tracking-free. It does not store user account information, and registration is not required to use it, though registered users can manage their history. In terms of market positioning, it sits in the niche category of “one-time secret sharing,” competing with tools such as Privnote and PasswordPusher. Its main users include IT operations staff who need to share passwords temporarily, privacy-conscious individuals, and freelancers who need to send sensitive data quickly. The platform does not rely on third-party storage; encryption and decryption are handled server-side, while it promises that logs do not retain message content. As an open-source project, its code can be reviewed on GitHub, which improves technical transparency.

Who It’s For

• Individual users: People who need to temporarily share Wi-Fi passwords, bank verification codes, or social account passwords without leaving those details permanently in messaging apps.
• Small teams/developers: Teams sharing API keys, database connection strings, or temporary access credentials during collaboration.
• Security-sensitive users: Journalists, lawyers, and privacy advocates who need to ensure sensitive information disappears immediately after the recipient reads it, reducing the risk of third-party interception.
• Not suitable for: Enterprise users who need long-term storage or bulk secret management, as there are no team management features; organizations requiring compliance audit trails, since messages cannot be traced after destruction.

Key Features and Highlights

• Burn after reading: Once a message is read, it is immediately deleted from the server; the link expires and cannot be accessed again.
• Open-source and auditable: The full codebase is hosted on GitHub, allowing technical teams to deploy private instances and avoid data leakage.
• Optional password protection: You can add an extra password to a secret, so only someone with both the link and password can view it.
• Automatic expiration: Links can be set to self-destruct after a specified period, such as 1 hour or 1 day, even if they have not been read.
• No registration required: Users can create secrets directly from the website, lowering the barrier to use; registered users can view sending history, though the content remains encrypted.
• No-tracking commitment: The service states that it does not record message content or place analytics tracking scripts, and logs only retain basic operational metadata.

Pricing Analysis

OneTimeSecret offers a free basic service, allowing users to create burn-after-reading secrets without paying. Pricing for the paid plan, OneTimeSecret Pro, is not clearly listed on the official website, but based on historical information, the Pro version may include longer expiration periods, larger message capacity, or API access. Overall, it sits in the free/low-cost tier among similar tools—the free version already covers the vast majority of personal and small-team needs. There are no hidden fees, but users need to contact support or check the GitHub documentation for specific Pro pricing. For users who do not need advanced features, the free version is more than enough.

How Chinese Users Can Use It

• Network accessibility: The website is generally accessible, but loading speed may be affected by overseas servers and can sometimes take a few seconds. Some regions in China may occasionally experience unstable connections. Chrome or Edge is recommended, and users should ensure their network environment can access overseas sites.
• Payment methods: The free version requires no payment. Payment methods for the paid Pro version are not publicly disclosed, though it likely supports credit cards or PayPal; Chinese users may not be able to use these directly. It is recommended to start with the free version.
• Whether a VPN/proxy is needed: Usually not required, but if the site is slow or fails to load, a lightweight proxy tool may help.
• Domestic alternatives: Similar domestic tools include “burn after reading” WeChat mini programs such as “密信” and “微密,” though their security is unclear. A more professional option is to self-host a private OneTimeSecret instance.
• Invoice issues: The free version has no invoice. If a paid transaction is involved, users need to contact support to confirm whether an overseas invoice is available; a standard Chinese invoice is not possible.

Pros and Cons

Pros:

• Core features are completely free, with no ad interruptions.
• Open-source and transparent, with support for self-hosted private servers and controllable data sovereignty.
• Extremely simple interface with almost no learning curve; a secret can be shared in under 30 seconds.
• Extra password protection helps prevent content from being viewed by anyone if the link leaks.

Cons:

• No Chinese interface, making it less friendly for non-English users.
• Paid plan pricing is not transparent, and the upgrade path is unclear.
• Access from China may occasionally be delayed, and there are no mainland China CDN nodes.
• Once a message is destroyed, it cannot be recovered; there is no remedy for accidental actions or malicious deletion.
• File sharing is not supported; it is limited to text content, with a maximum of about 10KB.

Comparison with Similar Products

• Privnote: Highly similar to OneTimeSecret and also free with burn-after-reading support, but Privnote is not open-source, so its transparency is slightly lower.
• PasswordPusher: Focuses on password sharing and supports more granular expiration settings, such as by hour or minute, but its interface is more technical and better suited to operations staff.
• Bitwarden Send: An add-on feature of the Bitwarden password manager, supporting file sharing and encryption, but it requires a Bitwarden account and the free version has size limits.

OneTimeSecret stands out for being open-source, completely free, and extremely minimalist, making it a good fit for users who do not want to be tied to any account or service.

Summary and Recommendation

OneTimeSecret is best suited for quickly sharing short pieces of sensitive text such as one-time passwords, temporary API keys, and private notes, especially when you want the message to leave no trace after being read. For Chinese users, the free version is the best starting point, and no registration is needed to try the core features. If you need more stable access or team management, consider self-hosting a private instance based on the GitHub code or using a domestic alternative. It is not recommended for scenarios requiring long-term storage, auditability, or large file transfers. Overall, this is a lightweight “use it and leave” tool that is trustworthy for privacy protection, but expectations should be limited to one-time text sharing.