🔒 Security & Privacy

Learn how disapyr.link protects your sensitive information with enterprise-grade security

🛡️ Our Security Promise

disapyr.link is built with security as the foundation. We use military-grade encryption and zero-knowledge architecture to ensure your secrets remain private and secure.

🔐AES-256-GCM Encryption

Your secrets are encrypted before storage using the same encryption standard trusted by governments and banks.

👁️One-Time Access

Secrets are permanently deleted after being viewed once, ensuring no trace remains.

Automatic Expiration

All secrets expire after 21 days, even if never accessed, providing time-based security.

🔧 How It Works

1

Encryption

Your text is encrypted using AES-256-GCM with a unique initialization vector before being stored.

2

Secure Storage

Only the encrypted data is stored in our database. The encryption key is kept separate and secure.

3

One-Time Retrieval

When accessed, the secret is decrypted, displayed to the user, and permanently deleted from our servers.

🔍 Technical Details

Encryption Algorithm

AES-256-GCM (Galois/Counter Mode) provides both confidentiality and authenticity, ensuring data cannot be tampered with.

Key Derivation

Encryption keys are derived using scrypt with salt, adding computational cost to prevent brute force attacks.

Zero Knowledge

We cannot read your secrets. Even with database access, encrypted content is unreadable without the encryption key.

Secure Deletion

After retrieval, secret content is overwritten with NULL values, making recovery impossible even from database backups.

❓ Frequently Asked Questions

Can you read my secrets?

No. Secrets are encrypted before storage, and we don't have access to the decryption keys in a way that would allow us to read your content.

What happens if someone tries to access a secret multiple times?

Only the first access succeeds. After that, the secret is permanently deleted and subsequent attempts will receive a "not found" error.

Are there any logs or tracking?

We only store metadata necessary for the service to function (creation time, expiration, access status). We don't track users or log secret content.

What if I lose the link?

Unfortunately, there's no way to recover a lost link. This is by design - we don't store any information that could be used to regenerate or find your secret.

🏆 Trust & Transparency

🔓

Open Source Ready

Our security implementation follows industry best practices and is designed with transparency in mind.

🚫

No Tracking

We don't use analytics, tracking cookies, or any form of user monitoring. Your privacy is paramount.

Minimal Data

We only store what's absolutely necessary for the service to function, and delete everything as soon as possible.

← Back to disapyr.link