Back to Home

Security & Privacy

No compromises. No backdoors. Your secrets stay secret.

🔐

AES-256-GCM

Military-grade symmetric encryption

👁️

Zero Knowledge

We can never see your data

🔥

Auto-Destruct

Deleted immediately after viewing

Encryption Standard

PassLink uses AES-256-GCM (Advanced Encryption Standard with Galois/Counter Mode), the same encryption standard approved by the U.S. National Security Agency for top-secret information.

  • 256-bit key size - 2^256 possible combinations, impossible to brute force
  • GCM mode - Provides both confidentiality and authenticity
  • Random IV - Each secret uses a unique initialization vector

Zero-Knowledge Architecture

The encryption key is generated in your browser and embedded in the URL fragment (after the # symbol). By design, URL fragments are never sent to servers—this is a fundamental security feature of all web browsers.

https://passlink.click/s/abc123
#ENCRYPTION_KEY_HERE
↑ This part never leaves your browser

What We Store

We Store

  • • Encrypted blob (unreadable)
  • • Expiration timestamp
  • • Password hash (if set)

We Never Store

  • • Your original secret
  • • Encryption keys
  • • IP addresses or logs
  • • Personal information

Self-Destruction Protocol

PassLink implements a strict "burn after reading" policy:

  1. 1Recipient opens the link and decrypts the secret in their browser
  2. 2Simultaneously, a DELETE request is sent to our servers
  3. 3The encrypted data is permanently removed from our database
  4. 4The link becomes permanently invalid

Open Source & Auditable

PassLink's code is open for inspection. Don't trust us—verify our security claims yourself.

Start Sharing Securely