SecretFile for one-time downloads
Upload one or more files, encrypt them in the browser, and send a self-destructing link that supports secure one-time downloads.
Quick workflow
- Drop files into the secure zone or browse from your device.
- Paste clipboard files when the browser exposes them.
- Send the encrypted link for a one-time file reveal and download.
Maximum upload is 20 files and 50 MB total per share.
Your secret file link is ready
Share this link with your recipient. Files stay encrypted until the link is opened with the browser-side key.
How secure file sharing works
Three simple steps to send files privately with zero server-side access.
Upload file
Drop, paste, or browse to add up to 20 files totalling 50 MB. Any file type is accepted and processed locally in your browser.
Encrypted link generated
AES-256 encryption runs entirely in your browser before upload. The decryption key lives only in the link fragment - the server only ever sees ciphertext.
Downloaded once then deleted
After the recipient opens the link and downloads the decrypted files, the encrypted data is permanently removed from the server and the link becomes inactive.
What you can share
SecretFile accepts any file type. Here are some of the most common use cases.
Documents and PDFs
Share contracts, invoices, reports, or any sensitive document that should be read once and not stored in an email inbox or chat history.
Images and screenshots
Send design assets, medical scans, identity documents, or any image that requires end-to-end encryption and self-destructing delivery.
Code and config files
Transfer environment files, API keys in .env format, deployment configs, or source code snippets without risking exposure in version control or messaging tools.
Archives and backups
Deliver ZIP, TAR, or encrypted database exports to a specific recipient knowing the files will be deleted from the server the moment they are downloaded.
Frequently asked questions
Common questions about encrypted file sharing with SecretFile.
Yes. Files are encrypted with AES-256 directly in your browser before any data is sent to the server. The decryption key is embedded in the link fragment, which is never transmitted to the server. This means the server stores only ciphertext and has no way to read your files.
Any file type is accepted - documents, archives, images, executables, or anything else. You can share up to 20 files at once with a total size of 50 MB per share. Clipboard paste support depends on what file types the browser exposes from the clipboard, which varies by operating system.
Files are stored until the link is opened or until the expiration time you set in Options is reached, whichever comes first. The default expiration is 3 days for unviewed links. Once the recipient opens the link the encrypted files are permanently deleted from the server.
No. SecretFile uses one-time delivery. After the link is opened and the files are decrypted the encrypted data is deleted from the server and the link stops working. If you need to share the same files again you will need to create a new share.
More privacy tools
Everything you need to share private data safely - free, no account, runs in your browser.
SecretNote
Write a private note, generate a one-time link, and share it. The note self-destructs the moment it is read - nothing is stored, nothing leaks.
SecretScreen
Upload a screenshot and get a self-destructing share link. The image is encrypted before upload and deleted after the first view - no permanent hosting.
SecretFile
Upload any file and share a one-time download link. The file is encrypted end-to-end and permanently deleted after the recipient downloads it.
Hash Generator
Instantly generate MD5, SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 hashes in your browser. Your input is never sent to the server.
Password Generator
Generate strong, random passwords with full control over length and character sets. Everything runs locally - your passwords never touch a server.