Secretus vs 1Password
These are different categories, and we'll be honest about it: 1Password is an excellent password manager — vaults, autofill, team permissions — and if you need a place to store credentials long-term, use one. Secretus does not replace it.
Secretus is the transfer layer: getting a secret safely to someone else, especially outside your vault — a contractor, a client, a colleague on another team. 1Password's item sharing links are well built, but they store an encrypted copy of the item on a sharing server, default to a 7-day expiry (view-once is an optional toggle), and the sender needs a paid subscription. Secretus is one-time by construction, needs no account from either side for basic sharing, offers a P2P mode where the secret is never stored anywhere, and adds post-quantum key agreement.
Side by side
| Feature | Secretus | 1Password |
|---|---|---|
| Primary job | Secure one-time transfer | Credential storage (vault) |
| Long-term storage, autofill, browser extension | ||
| Sender needs a paid account | No — free sharing | Yes (subscription) |
| Recipient needs an account | No | No (for shared links) |
| One-time by default | Yes — atomic delete on first read | Optional; default link lasts 7 days |
| Shared secret stored on a server | Ciphertext only — or not at all (P2P mode) | Encrypted copy on sharing server |
| Forward secrecy for transfers | Double Ratchet (live mode) | |
| Post-quantum key agreement | Hybrid ML-KEM-768 (FIPS 203) | |
| Team k-of-n splitting (Shamir) | ||
| EU data residency | All processing in Frankfurt | Sharing server in Frankfurt; account region varies |
When 1Password is the better fit
- • You need a password manager: storing credentials, autofill, shared team vaults, SSO integration.
- • Recipients are inside your organisation and already live in your vault structure.
When Secretus is the better fit
- • One-off transfers to people outside your org — no account or subscription required on either side.
- • Secrets that must never persist: live P2P delivery with forward secrecy, nothing stored.
- • Splitting a master credential across a team so no single person holds it (Shamir k-of-n).
- • Post-quantum protection for the transfer itself, against harvest-now-decrypt-later.
Frequently asked questions
Does Secretus replace 1Password?
No — they're complementary. Keep your credentials in a vault like 1Password; use Secretus when a secret has to move to someone safely, especially outside your organisation. Many of our users run both.
Is 1Password's item sharing insecure?
It's well engineered — the shared item is encrypted and stored on a dedicated server, links can expire or be limited to specific emails. The differences are structural: a stored copy exists until expiry (default 7 days), view-once is opt-in rather than the default, and sharing requires a paid 1Password account. Secretus transfers are one-time by construction and free to send.
Why use a transfer tool when I can just share from my vault?
Vault sharing shines inside your org. The friction appears with outsiders: contractors, clients, auditors. Secretus needs no account on either side, can deliver peer-to-peer without any server copy, confirms delivery, and the link dies on first read.
Try it yourself — share a secret end-to-end encrypted, no account required.
Share a secret nowComparison reflects publicly documented behaviour as of June 2026. Spotted an inaccuracy? Tell us and we'll fix it.