VaultLink homeVaultLink logo
Language

Securely sharing secrets client side

The fastest way to hand overcredentialswithout giving up control.

VaultLink encrypts every secret inside the browser, splits the key from the data, and cleans the vault the moment your instructions are fulfilled.

Secure password sharing

Why people trust VaultLink

Locked before it leaves

Your secret is sealed inside your browser with its own unique key. We only ever see scrambled text — never what's actually inside.

Gone when you want it gone

Pick how long it lasts and how many times it can be opened. Once either runs out, it's deleted for good.

One link, that's it

Copy the link, send it however you like, and the person on the other end unlocks it with a single click.

How it works

Three steps, under a minute

No accounts, no chat threads with passwords in them, no cleanup to remember.

  1. 1

    Paste it in

    Drop your secret into the box. Your browser locks it up before anything leaves your device.

  2. 2

    Send the link

    Share it however you like — email, Slack, a sticky note. Only the link-holder can open it.

  3. 3

    Gone for good

    Once it's been read or the timer runs out, the secret disappears for good. Nothing to tidy up.

Secure password sharing controls

Built for PCI DSS, SOC 2, ISO 27001, and GDPR workflows

VaultLink helps teams share passwords and credentials with clear trust boundaries. Ciphertext is stored server-side, while decryption material stays client-side in the URL fragment. One-time links, configurable TTL, and max-view controls support data minimization and access-control policies used in regulated environments.

Separation of duties
Ciphertext and key are split
Retention controls
Configurable TTL and max views
Ephemeral access
One-time reveal with auto-expiry

Region-pinned edge

All data sits in a hardened EU region with encrypted Redis storage and automatic shredding.

Browser CSPRNG

Key and IV generation use Web Crypto (`crypto.getRandomValues`) in supported browsers.

Reveal status telemetry

Optional, privacy-safe events track create and reveal outcomes with masked paths after consent.

We use one consent cookie and optional analytics storage. Accept enables privacy-safe GA4 metrics with masked paths; reject keeps analytics disabled.