SafeDrop · Secure Secret Transfer

Passphrase

6-digit PIN

Secret text

Lock to this machine Decrypt once (auto-delete)

Stops automated bots from spamming the vault. Press refresh for a new code.

How it works

1
Enter a passphrase + 6-digit PIN — they never leave your browser.
2
Your text is encrypted with a random 1024-bit key and one of 10 ciphers.
3
The bundle is sealed again with your passphrase + PIN and stored as unreadable ciphertext.
4
Retrieve with the same credentials — it self-destructs on read.

Zero-knowledge

All cryptography runs in your browser via the Web Crypto API. The server only ever holds an encrypted blob — it cannot read your secret, passphrase, or PIN.

Two-layer encryption: a random 1024-bit key + a random cipher (1 of 10) encrypt your text; that bundle is sealed again with a key derived from passphrase + PIN (PBKDF2, 600k iterations). Each unique passphrase + PIN is its own secret — reuse the same pair to overwrite it.