SecretDrop

SecretDrop is a zero-knowledge secret sharing tool for developers. Files are encrypted in the browser using AES-256-GCM before they ever reach the server — the server stores only encrypted blobs and can never read your content, filenames, or passwords. Upload files, set a password, share a link. No accounts required for recipients. Free tier available, no credit card needed.

Features

Client-side encryption using AES-256-GCM with PBKDF2 key derivation (600,000 iterations), built entirely on the Web Crypto API with no third-party crypto libraries Zero-knowledge storage — the server never sees plaintext content, filenames, or passwords Password-protected shareable links with no recipient account required Multi-file bundles — share entire .env files or credential sets in one link Expiration policies — time-to-live, download limits, and failed-attempt auto-locking Premium mode with public-key encryption (ECIES): no shared password, digital signature verification, only the intended recipient can decrypt Access analytics — view counts, download logs, and event history Free tier with encrypted password-protected sharing, premium unlocks multiple bundles and advanced policies Use Cases

Sharing .env files, API keys, and database credentials with teammates without pasting them into Slack or email Onboarding new developers onto a project by securely sending all required secrets in one link Freelancers and agencies exchanging client credentials across organizational boundaries Sending sensitive config to CI/CD pipelines or staging environments Replacing insecure ad-hoc methods (DMs, email attachments, shared docs) with encrypted-by-default sharing that requires zero setup