Share passwords, API keys, and sensitive data securely. Your secret is encrypted in your browser and self-destructs after being read once.
100%
Free
AES-256
Encryption
Zero
Knowledge
Trust Signals
Unlike services that encrypt on the server, Nurbak uses true client-side encryption. We can never see your secrets.
Your browser encrypts the data before sending it. We (Nurbak) never see your raw secret. The decryption key stays in the URL fragment (#) which is never sent to our servers.
Once the link is viewed or expired, the data is permanently erased from our database. No backups. No recovery. Gone forever.
Links require a human click to reveal, preventing Outlook or Slack bots from 'burning' your one-time link prematurely by previewing the URL.
How it Works
The decryption key is part of the URL (the part after #). This fragment is never sent to our servers by browsers. We mathematically cannot read your secrets.
Your browser generates a unique encryption key and uses AES-256-GCM to encrypt your data locally before anything is transmitted.
Only the encrypted blob reaches our servers. The decryption key stays in the link you share, never touching our infrastructure.
When the recipient opens the link, their browser extracts the key from the URL and decrypts the data locally. Then it self-destructs.
Use Cases
Securely send login credentials to clients or employees without leaving traces in email or chat history.
Share .env variables, database credentials, or API keys without committing them to Git or pasting in Slack.
Send payment information securely without leaving a permanent record in email folders or messaging apps.
Share guest network access with visitors without shouting credentials across the room or posting them publicly.
Integration
Create and share one-time secrets directly from Slack. No more switching between apps to share sensitive information with your team.
Click the button below to add Nurbak to your Slack workspace. Only workspace admins can approve the installation.
Type /nurbak followed by your secret message. Nurbak will create an encrypted link and post it in the channel.
The recipient clicks the link to view the secret once. After viewing, it's permanently deleted from our servers.
FAQ
Yes. Unlike other services, Nurbak uses Zero-Knowledge encryption. This means the decryption key is in the link (the part after the #), never sent to our server. We fundamentally cannot read your secrets even if forced to.
No. Once viewed, the encrypted data is mathematically deleted from our servers. This is a security feature, not a limitation. The self-destruction guarantee is what makes one-time links trustworthy.
Only if you use a One-Time Link. Sending plain text in chat creates a permanent record in backups and cloud storage. Using a one-time link ensures the sensitive data disappears after being read.
Start sharing sensitive information securely. No account required.
Create One-Time Link