

SecretDrop
Encrypted file sharing for developers. Upload files, set a password, share a link, everything is encrypted in your browser before it touches a server. Zero-knowledge architecture. No recipient account needed.
Cost / License
- Freemium (Pay once or Subscription)
- Proprietary
Platforms
- Online
Features
SecretDrop News & Activities
Recent activities
- AleksDoesCode added SecretDrop
AleksDoesCode added SecretDrop as alternative to Dotenv, Dotveil and OnlyNv
SecretDrop information
What is SecretDrop?
SecretDrop is a zero-knowledge secret sharing tool for developers. Files are encrypted in the browser using AES-256-GCM before they ever reach the server — the server stores only encrypted blobs and can never read your content, filenames, or passwords. Upload files, set a password, share a link. No accounts required for recipients. Free tier available, no credit card needed.
Features
Client-side encryption using AES-256-GCM with PBKDF2 key derivation (600,000 iterations), built entirely on the Web Crypto API with no third-party crypto libraries Zero-knowledge storage — the server never sees plaintext content, filenames, or passwords Password-protected shareable links with no recipient account required Multi-file bundles — share entire .env files or credential sets in one link Expiration policies — time-to-live, download limits, and failed-attempt auto-locking Premium mode with public-key encryption (ECIES): no shared password, digital signature verification, only the intended recipient can decrypt Access analytics — view counts, download logs, and event history Free tier with encrypted password-protected sharing, premium unlocks multiple bundles and advanced policies Use Cases
Sharing .env files, API keys, and database credentials with teammates without pasting them into Slack or email Onboarding new developers onto a project by securely sending all required secrets in one link Freelancers and agencies exchanging client credentials across organizational boundaries Sending sensitive config to CI/CD pipelines or staging environments Replacing insecure ad-hoc methods (DMs, email attachments, shared docs) with encrypted-by-default sharing that requires zero setup




