deletebin.org

What It Is

DeleteBin is a privacy-focused encrypted temporary message service. Users write text in the browser; the message is encrypted locally via the Web Crypto API before being submitted to the server. The service states that it does not hold the decryption key. It is not a standalone instant messaging tool, nor does it deliver links to recipients. Instead, it is meant to be used alongside email, SMS, IM, forums, or ticketing systems, so that truly sensitive content does not remain stored on those platforms for long.

Core Protection and Deployment

Its core protections are end-to-end encryption, automatic deletion, and minimal data retention. Each message can be given a TTL from 1 minute to 2 weeks, with one week as the default; the number of reads can be set from 1 to 100, with deletion after one read by default. An optional password is combined with the generated password to derive the key. The site and database are hosted in the United States and use Cloudflare. It also discloses security measures including TLS 1.2/1.3, HSTS, DNSSEC, CAA, CSP, permission policies, container isolation, SELinux, a Go API, and file change monitoring. The service has no account system and does not collect names, email addresses, phone numbers, or similar information. Web logs are retained for at most 24 hours.

Pricing and Integration

The main text clearly states that the service is free, and we did not find any commercial plans, enterprise edition, SLA, or payment methods. Integration is mainly link-based: generated temporary message links can be embedded into existing workflows such as email, SMS, forum private messages, and customer support tickets. There is also a browser extension that can improve sending efficiency and, because the encryption code is stored locally, can reduce the impact of man-in-the-middle attacks on message content to some extent.

Pros and Cons

Its strengths are a very low barrier to entry and the fact that recipients only need a modern browser. It is open source, requires no registration, and has a clear auto-deletion policy, making it suitable for temporary text sharing with low to moderate sensitivity. The drawbacks are just as clear: by default, the link contains the decryption key, so anyone who obtains the link can read the message; risks in the underlying delivery channel still remain; recipients can take screenshots or photos, so copying cannot be prevented; and because it is hosted in the United States and uses Cloudflare, users with data sovereignty concerns should be cautious.

Who It’s For and Access from China

DeleteBin is suitable for temporarily sending WiFi passwords, addresses, phone numbers, low-risk account details, or short-lived sensitive content in support tickets. It is not suitable for highly confidential scenarios, strong audit requirements, strong identity authentication, or enterprise use cases that require compliance proof. The main text does not describe access from mainland China, so network connectivity and Cloudflare routing performance need to be tested in practice. Payment is not relevant, as no paid offering is disclosed. If access is unstable, alternatives such as Signal, PGP, Matrix/OMEMO, or a self-hosted temporary ciphertext sharing tool may be worth considering.