Secretus vs OneTimeSecret
OneTimeSecret is a respected, open-source tool for self-destructing notes, and for casual use it works well. The architectural difference is where encryption happens: with OneTimeSecret, your plaintext travels to their server over TLS and is encrypted there — the operator technically can read secrets during processing (an optional passphrase mitigates this, but the secret still transits at creation).
Secretus encrypts in your browser with the Web Crypto API before anything leaves your device. Our servers only ever store ciphertext — the decryption key lives in the URL fragment (never sent to servers by browser design) or is agreed peer-to-peer via Signal Protocol. A server compromise, subpoena, or rogue operator yields nothing readable.
Side by side
| Feature | Secretus | OneTimeSecret |
|---|---|---|
| Where encryption happens | In your browser, before upload | On the server (TLS in transit) |
| Can the operator read your secret? | Never — ciphertext only | Technically yes, during processing |
| One-time self-destructing links | ||
| Live P2P mode — secret never stored anywhere | Signal Protocol over WebRTC | |
| Forward secrecy (Double Ratchet) | ||
| Post-quantum key agreement | Hybrid ML-KEM-768 (FIPS 203) | |
| Team k-of-n splitting (Shamir) | ||
| Request a secret from someone | ||
| Audit log (hashed IDs, 90-day TTL) | ||
| Open source / self-hostable | Client code runs unobfuscated; hosted EU | Yes — fully open source |
When OneTimeSecret is the better fit
- You want to self-host a battle-tested, minimal open-source tool on your own infrastructure.
- You only need occasional, low-stakes one-time notes and the trust model doesn't worry you.
When Secretus is the better fit
- Your security policy requires that no third party can ever read the secret — zero-knowledge by architecture, not by promise.
- You need a mode where the secret is never stored at all (live P2P with forward secrecy).
- You share credentials inside a team: Shamir k-of-n split, secret requests, audit trail.
- You care about harvest-now-decrypt-later: hybrid post-quantum key agreement is built in.
Frequently asked questions
Is OneTimeSecret insecure?
No — for everyday notes it is a solid tool, protected by TLS and encrypted at rest. The difference is the trust model: their server processes your plaintext, so you must trust the operator and their infrastructure. Secretus removes that requirement: our servers only ever see ciphertext.
Can Secretus staff or servers read my secrets?
No. Encryption happens in your browser before upload; the decryption key travels in the URL fragment, which browsers never send to any server, or is negotiated peer-to-peer with Signal Protocol. A full compromise of our infrastructure yields only ciphertext.
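The fragment-key flow described in this answer and in the introduction, sketched as an added example; it is not Secretus code. AES-256-GCM, the 12-byte IV, base64url encoding and the `https://secretus.example/s/<id>` link layout are assumptions chosen for illustration.

```javascript
// Added example (not the product's code). Assumed: AES-256-GCM, random 12-byte IV,
// base64url, and a hypothetical link layout https://secretus.example/s/<id>#<key>.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // older Node fallback

const b64u = (buf) => btoa(String.fromCharCode(...new Uint8Array(buf)))
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
const unb64u = (s) => Uint8Array.from(
  atob(s.replace(/-/g, '+').replace(/_/g, '/')), (c) => c.charCodeAt(0));

// Sender: encrypt locally. Only `upload` is sent to the server; the key stays client-side.
async function createSecret(plaintext) {
  const key = await webcrypto.subtle.generateKey(
    { name: 'AES-GCM', length: 256 }, true, ['encrypt']);
  const iv = webcrypto.getRandomValues(new Uint8Array(12));
  const ct = await webcrypto.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, new TextEncoder().encode(plaintext));
  const rawKey = await webcrypto.subtle.exportKey('raw', key);
  return { upload: { iv: b64u(iv), ciphertext: b64u(ct) }, fragmentKey: b64u(rawKey) };
}

// The link handed to the recipient: the key sits after '#'.
function shareLink(id, fragmentKey) {
  return `https://secretus.example/s/${id}#${fragmentKey}`;
}

// What an HTTP client puts in the request line for that link: path and query only.
function requestTarget(link) {
  const u = new URL(link);
  return u.pathname + u.search;
}

// Recipient: take the stored blob, read the key from the fragment, decrypt locally.
// GCM authentication makes decrypt() reject on a wrong key or altered ciphertext.
async function openSecret(link, stored) {
  const rawKey = unb64u(new URL(link).hash.slice(1));
  const key = await webcrypto.subtle.importKey('raw', rawKey, 'AES-GCM', false, ['decrypt']);
  const pt = await webcrypto.subtle.decrypt(
    { name: 'AES-GCM', iv: unb64u(stored.iv) }, key, unb64u(stored.ciphertext));
  return new TextDecoder().decode(pt);
}
```

The fragment is still visible to any script running on the page and to browser history, so this design relies on the integrity of the client code that is served.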
Both have one-time links. What's different about delivery?
Secretus one-time reads are a single atomic database operation — the first read destroys the data in the same instant, so a second read is impossible by construction. Secretus also offers a live P2P mode in which the secret is never written to any server at all.
Try it yourself — share a secret end-to-end encrypted, no account required.
Comparison reflects publicly documented behaviour as of June 2026. Spotted an inaccuracy? Tell us and we'll fix it.
