Onetime Secret
Open-source tool for sharing secrets via self-destructing links. After viewing, the link vanishes, keeping sensitive data out of chats and emails.
Smart Download
Visit Project Homepage
No installer available yet — head to the source repository
Share secrets with self-destructing links – once viewed, they're gone forever.
Core Features
- Send one-time viewable links that self-destruct after access
- Supports simple Redis authentication and full MFA/WebAuthn mode
- Quick self-hosting via Docker or bare-metal setup
- Multiple email delivery options (SMTP, SES, SendGrid)
- Active open-source community with regular updates
What It Can't Do
- •Always set SSL=true in production; keep .ots_secret file secure (irrecoverable if lost); follow official upgrade guides for v0.23/v0.24; Redis mode has no persistence by default – configure or use full mode for durability.
Use Cases
- Securely share passwords or API keys with colleagues
- Send temporary sensitive info to clients or partners
- Deliver one-time verification codes or personal notes
- Enterprise internal confidential one-to-one messaging
Onetime Secret is a secure message sharing platform that lets you send sensitive information like passwords, API keys, or personal notes via a one-time viewable link. Once the recipient opens the link, the content is destroyed and can never be accessed again. It supports both simple Redis-only authentication and full authentication with MFA, WebAuthn, and PostgreSQL. The project is self-hosted, Docker-ready, and actively maintained. Compared to similar tools like Password Pusher or protonURL, Onetime Secret offers more flexible deployment (bare-metal or Docker), advanced authentication options for enterprise use, and a vibrant open-source community. It's ideal for anyone who regularly handles sensitive data and wants to minimize digital footprints.
Tags
Getting Started
Download installer
Click the button above to download the installer for your system
Install the software
Double-click the downloaded installer and follow the prompts
1. Start Redis: docker run -p 6379:6379 -d redis:bookworm
2. Generate a secret key and run: openssl rand -hex 32 > .ots_secret && docker run -p 3000:3000 -d -e REDIS_URL=redis://host.docker.internal:6379/0 -e SECRET="$(cat .ots_secret)" -e HOST=localhost:3000 -e AUTH_REQUIRED=false -e SSL=false onetimesecret/onetimesecret:v0.24.6
3. Open http://localhost:3000 in your browser
- 1. Start Redis: docker run -p 6379:6379 -d redis:bookworm
- 2. Generate a secret key and run: openssl rand -hex 32 > .ots_secret && docker run -p 3000:3000 -d -e REDIS_URL=redis://host.docker.internal:6379/0 -e SECRET="$(cat .ots_secret)" -e HOST=localhost:3000 -e AUTH_REQUIRED=false -e SSL=false onetimesecret/onetimesecret:v0.24.6
- 3. Open http://localhost:3000 in your browser
Checksum not available
This project has not published a SHA-256 checksum on its GitHub Release page
SHA256 Checksum
No checksum available
Download directly from GitHub Releases and verify file integrity yourself
All SHA-256 checksums on this platform are extracted from the project's official GitHub Release page, without any modification. You can independently verify them on the GitHub Releases page.
Open Source Transparency
View GitHub SourceUninstall Info
Stop and remove the container: docker stop <container-id> && docker rm <container-id>. Delete the image: docker rmi onetimesecret/onetimesecret:v0.24.6. Remove Redis container and local .ots_secret file.
No Extra Dependencies
Ready to use after download. No additional runtime required.
Having issues? Check the FAQ below
3 FAQs
Similar Projects
Immich
High performance self-hosted photo and video management solution with automatic backup, AI search, facial recognition, and multi-user support.
syncthing
A continuous file synchronization program that syncs files between devices securely and automatically, with no central server.
uBlock Origin
uBlock Origin is a wide-spectrum content blocker for Chromium and Firefox that is CPU and memory efficient. Blocks ads, trackers, miners, and malware out of the box.