How to Share and Send Passwords Securely

Without leaving them in the chat.

The problem

You hire a freelancer and they need the staging database password. You send it over Slack. The project wraps up, the freelancer leaves the workspace, and the password sits in the channel history. Six months later, someone exports the workspace for compliance. The password is in the export. A year after that, it's in a backup. It's still the same password, because nobody remembered to rotate it.

This happens with every channel that isn't built to forget. Email, Teams, Discord, SMS. The message delivers and then just sits there, in the search index, in the backups, until someone thinks to delete it. Usually nobody does.

Why it matters

Stolen credentials stay useful to an attacker for as long as they stay valid, and a password left in a chat log is rarely rotated. A departing employee scrolls through old channels. An admin runs a search across the workspace. The password is right where you left it.

Slack remembers everything, and so does email. Any tool that stores messages indefinitely keeps that credential accessible months or years after anyone needed it.

How to share a password with Secret.Broker

1 Go to the tool and paste the password. Your browser encrypts it with XChaCha20-Poly1305 before sending anything to the server.

2 Set the view limit. For one person, set it to 1. For a team of five, set it to 5. Choose an expiry — an hour is usually enough.

3 Copy the link and send it. The decryption key is in the URL fragment, the part after the #. Browsers never include the fragment in the HTTP request, so the server only ever receives the secret's identifier and I never have the key. Until it is opened, the link itself is both identifier and key, which is why the view limit matters.

4 The recipient opens the link, copies the password, and the encrypted data is deleted. Nothing remains in the channel you sent the link through except the link itself, which now points to nothing. If the recipient reports that the link was already dead when they opened it, someone else opened it first: treat the password as exposed and rotate it.

Sharing passwords with clients

Clients don't always use the same tools you do. They might not be on your Slack workspace or your password manager. A link works everywhere. Any browser, any device.

Create the secret with a view limit of 1 and a short expiry. Send the link over email. The client opens it, saves the password, and the link goes dead. If you're handling something high-value, use paranoid mode to send the link and the decryption key through separate channels: the link then carries only the identifier, so an email archive that keeps it forever holds nothing that can be decrypted without the key that went the other way.

Sharing passwords with your team

Set the view limit to match the number of people who need the password. Each person opens the link and copies it. When the view count hits zero, the password is deleted from the server. The limit counts opens, not people: if a colleague finds the link dead before everyone has opened it, an extra open happened somewhere, and the password should be rotated rather than re-sent.

This works for onboarding too. A new developer starting Monday needs access to staging and the VPN and half a dozen internal tools. Instead of pasting each credential into a DM, create one secret per credential with a 1-view limit and a 24-hour expiry. Send the links. Once they're opened, the credentials are deleted from the server.

Sharing passwords with freelancers and contractors

The engagement ends, but the password you sent them is still in their inbox two years from now.

Create the secret with a view limit of 1 and the shortest expiry that makes sense (an hour if they're online, a day if they're in a different timezone). Once they open the link, the password is gone from Secret.Broker. What's left in their email or chat is a dead link that resolves to nothing.

What about password managers?

Your team uses 1Password or Bitwarden to store shared credentials. But when you need to get a password to someone who isn't in your vault, you need a way to send it without leaving a copy in the chat log. That's what this handles.

What the encryption does

Your browser encrypts the password before it leaves your machine. The server stores ciphertext it can't read. The protocol page covers the full stack: XChaCha20-Poly1305, Argon2id key derivation, and domain binding.

When not to use this

If you need to share a password with the same person repeatedly, set up a shared vault in your password manager. If you need audit trails or automatic rotation, use a secrets manager like HashiCorp Vault or AWS Secrets Manager.

This handles the handoff. You have a password that needs to get from you to someone else, and it needs to stop existing in the channel once they have it.