1time.io

1time.io is a zero-knowledge encrypted secret sharing tool. Share passwords, API keys, credentials, and sensitive text through one-time links that self-destruct after being read.

Unlike most secret sharing tools that encrypt on the server, 1time.io performs AES-256-GCM encryption entirely in your browser. The server never sees your plaintext. The decryption key lives only in the URL fragment — the part browsers never send to the server. This means even the service operator cannot read your secrets.

Key features:

• Zero-knowledge encryption — AES-256-GCM with HKDF key derivation, all client-side • One-time links — secrets are permanently deleted after first read • Expiration control — set TTL from 5 minutes to 7 days • Password protection — add an extra layer with a passphrase • Password generators — strong passwords, passphrases, WiFi passwords, API keys • CLI tool — share secrets from the terminal, pipe-friendly for DevOps workflows • Self-hosted — deploy on your own infrastructure with Docker Compose • No signup, no cookies, no tracking — completely anonymous usage • Open source — MIT-licensed, fully auditable code

Built with Go, Next.js (static export), and Redis. Lightweight, fast, and simple to deploy.

1time.io is an alternative to Yopass, OneTimeSecret, PrivateBin, Password Pusher, and Snappass.