5 Best Free One-Time Secret Sharing Tools in 2025

Need to share a password, API key, or sensitive message without it sitting in someone's inbox forever? One-time secret sharing tools create encrypted, self-destructing links that work exactly once. Here are the 5 best free options available today.

1. Only Once Share (ooshare.io)

Best for: True zero-knowledge encryption with no limits

• Encryption: AES-256-GCM (client-side, Web Crypto API)
• Architecture: Zero-knowledge — encryption key stays in URL fragment, never touches server
• Limits: None — completely free with no caps
• Account required: No
• Open source: Yes (MIT license)
• Self-hosting: Yes (Docker)
• Languages: 6 (English, Chinese, Spanish, Hindi, Arabic, Portuguese)
• TTL options: 1h, 4h, 12h, 24h, 48h, 72h

Only Once Share stands out for its truly zero-knowledge architecture: encryption happens entirely in the browser, and the key is stored in the URL fragment which browsers never send to servers. It's completely free with no artificial limits — no "8 secrets per month," no 100KB caps. The MIT-licensed open source code is fully auditable on GitHub.

2. OneTimeSecret (onetimesecret.com)

Best for: Brand recognition and established track record

• Encryption: Server-side (not zero-knowledge)
• Limits: 100KB max secret size, 7-day expiry (free)
• Account required: Optional (extends limits)
• Open source: Yes
• Self-hosting: Yes

The oldest and most recognized tool in this space, founded in 2011. OneTimeSecret has the advantage of name recognition and years of reliability. However, its encryption happens server-side — the server briefly handles your plaintext data before encrypting it. Free tier is limited to 100KB secrets with a 7-day maximum expiry.

3. Password Pusher (pwpush.com)

Best for: DevOps teams needing multi-format sharing

• Encryption: Server-side
• Limits: Generous on self-hosted
• Account required: Optional
• Open source: Yes
• Self-hosting: Yes (Docker)
• Extra features: Files, URLs, QR codes, password generator

Password Pusher is the most feature-rich open source option. It supports sharing passwords, files, URLs, and even generates QR codes. It has the most active GitHub community (~2,900 stars) and integrates with PowerShell, Terraform, and CLI tools. Like OneTimeSecret, encryption is server-side.

4. scrt.link

Best for: Swiss privacy jurisdiction and multiple secret types

• Encryption: End-to-end (client-side)
• Limits: Unlimited on free tier
• Account required: No
• Open source: Yes
• Self-hosting: Yes
• Extra features: Files (10MB), redirect links, snap (image), neogram

Swiss-based scrt.link offers true client-side encryption similar to Only Once Share. It supports multiple secret types including files, redirect links, and self-destructing images. The Swiss jurisdiction provides an additional layer of privacy protection. Paid plans start at just $1/month for custom features.

5. Yopass (yopass.se)

Best for: Minimalists who want pure open source with no commercial agenda

• Encryption: OpenPGP (client-side)
• Limits: None
• Account required: No
• Open source: Yes
• Self-hosting: Yes (Docker, Kubernetes)
• Extra features: CLI support, Prometheus metrics

Yopass is the purest open source option — 100% free with zero commercial agenda. It uses OpenPGP encryption (different from AES) and is extremely lightweight. Designed primarily for self-hosting, it includes Prometheus metrics for monitoring. The trade-off is a minimal feature set and no hosted version with guaranteed uptime.

Comparison Table

Feature	Only Once Share	OneTimeSecret	Password Pusher	scrt.link	Yopass
Zero-knowledge	Yes	No	No	Yes	Yes
Free limits	None	100KB, 7 days	Varies	None	None
File sharing	No	No	Yes	Yes (10MB)	Yes
Languages	6	Multi	1	1	1
Self-host	Docker	Docker	Docker	Docker	Docker/K8s
Encryption	AES-256-GCM	AES (server)	Server-side	E2E	OpenPGP

Our Recommendation

For most users, Only Once Share offers the best combination of security (true zero-knowledge, AES-256-GCM), usability (no account, no limits, 6 languages), and transparency (MIT open source). If you need file sharing, scrt.link or Password Pusher are excellent options. If you want the longest track record, OneTimeSecret has been reliable since 2011.