OpenSource-Hub
O

ots

SHA-256
754 stars·Privacy Protection·SHA-256 checksum verified

A one-time secret sharing platform where secrets are encrypted in the browser before sending, ensuring the server never sees the plaintext and the secret is deleted after first read.

Smart Download

Download Download Version

v1.21.5 · 6.5 MB

Share secrets that self-destruct after one read, with end-to-end encryption in the browser.

Core Features

  • AES-256 encryption in the browser
  • Secret never transmitted in plain text to server
  • Automatic deletion on first access
  • Memory and Redis backends
  • Web UI and CLI client (ots-cli)

What It Can't Do

  • Default expiry is 0 (never expires); set SECRET_EXPIRY for production. 2. When using the public instance ots.fyi, the server still stores encrypted blobs; consider pre-encrypting secrets locally via openssl for maximum security. 3. The decryption password is in the URL fragment – ensure the URL is transmitted over a secure channel.

Use Cases

  • Sharing temporary credentials with colleagues
  • Secure onboarding credentials for new employees
  • Handing over API keys or tokens in scripts
  • Customer support submitting sensitive info

Luzifer OTS (One-Time Secret) is a secure sharing tool that lets you send sensitive information like passwords, API keys, or private notes with confidence. It uses AES-256 encryption directly in your browser, so the plaintext never reaches the server. After the recipient reads the secret once, it's permanently deleted. The server only stores an encrypted blob and an ID; the decryption password remains solely in the URL hash. Multiple backends (memory, Redis) are supported, and there's both a web UI and a CLI client for automation. The project is open-source (MIT), actively maintained, and offers Docker images for easy deployment.

Tags

one-time-secretencryptionprivacysecure-sharingself-hosted

Getting Started

1

Download installer

Click the button above to download the installer for your system

Windows· 6.5 MBLinux· 5.8 MB
2

Install the software

Double-click the downloaded installer and follow the prompts

3

Step 1: Download the binary from GitHub Releases or pull Docker image: `docker pull ghcr.io/luzifer/ots`

4

Step 2: Run `./ots` (or `docker run -p 3000:3000 ghcr.io/luzifer/ots`)

5

Step 3: Open http://localhost:3000, type your secret, click 'Create', share the generated URL

Install Guide
  1. Step 1: Download the binary from GitHub Releases or pull Docker image: `docker pull ghcr.io/luzifer/ots`
  2. Step 2: Run `./ots` (or `docker run -p 3000:3000 ghcr.io/luzifer/ots`)
  3. Step 3: Open http://localhost:3000, type your secret, click 'Create', share the generated URL
File Integrity

SHA-256 checksum verified

Checksum extracted from GitHub official Release page

SHA256 Checksum

a575262b6835fcd4012346aaa4bf7c141b5acbfe55d75230845cc172a01c077d

This checksum is extracted from the GitHub Release page. Verify file integrity after download.

All SHA-256 checksums on this platform are extracted from the project's official GitHub Release page, without any modification. You can independently verify them on the GitHub Releases page.

Open Source Transparency

View GitHub Source
Environment Guide

Uninstall Info

Stop the process/container, delete the binary or run `docker rmi ghcr.io/luzifer/ots`. If using Redis, remove keys with prefix `io.luzifer.ots`.

No Extra Dependencies

Ready to use after download. No additional runtime required.

Project Info
LicenseMIT
Last Updated2026-06-27 06:40:31
GitHub RepositoryOfficial Website

Having issues? Check the FAQ below

3 FAQs

Similar Projects

U

Umami

Umami is a simple, fast, privacy-focused web analytics tool that gives you full control over your data.

A

AdGuardHome

Network-wide DNS server that blocks ads and trackers across all home devices without needing client software.

S

SearXNG

SearXNG is a free metasearch engine that combines results from over 70 search services while respecting your privacy. Self-host it to keep your data under your control.