SecureShare

Share passwords and sensitive information securely.
Self-hosted, encrypted, and time-limited links that self-destruct.

Try demo icon Try Live Demo
Choose Your Version
WordPress Plugin — Pending review by wordpress.org. Download from GitHub

What is SecureShare?

A self-hosted tool for sharing sensitive information through encrypted, time-limited links.

The Problem

How do you safely share a password, API key, or sensitive information? Email isn't secure. Chat apps log everything. Third-party password managers require subscriptions and store your data.

You need a way to share secrets that:

  • Encrypts data end-to-end
  • Automatically expires after 24 hours
  • Lives on your own server
  • Doesn't require an account
  • Takes 5 minutes to deploy

The Solution

SecureShare creates encrypted links that automatically self-destruct. Enter your secret, get a link, share it. The recipient can view it multiple times until it expires in 24 hours.

Your secrets are:

  • Encrypted with AES-256 — Military-grade security
  • Time-limited — 24-hour default expiration
  • Self-hosted — Your data never leaves your server
  • Private — No accounts, no tracking, no third parties
  • Simple — Works on any device, no learning curve

Choose Your Version

Same encryption, two deployment options.

Standalone PHP Version

Standalone PHP Version

Deploy on any PHP server. Perfect for standalone deployment or adding to existing PHP websites.

Perfect For:

  • Any PHP 7.4+ server
  • Non-WordPress sites
  • Minimal deployment requirements
  • IT teams and developers

Key Features:

  • Zero dependencies — No database required
  • File-based storage — JSON storage system
  • 5-minute setup — Upload and go
  • Lightweight — Minimal server resources
  • Portable — Works anywhere PHP runs

Requirements:

  • PHP 7.4+ (tested through 8.3)
  • OpenSSL extension
  • Apache with mod_rewrite or Nginx
  • No database needed
GitHub View PHP Version on GitHub

Production-ready • Last updated Nov 6, 2025

WordPress.org - Pending Review
WordPress Plugin

WordPress Plugin

Native WordPress integration with Gutenberg blocks, shortcodes, and admin dashboard.

Perfect For:

  • WordPress site owners
  • Membership organizations
  • Support/service businesses
  • Nonprofits and advocacy groups

Key Features:

  • Gutenberg block — Native block editor support
  • Simple shortcode — [secureshare] on any page
  • WordPress database — Reliable storage
  • Admin dashboard — Settings and statistics
  • Theme integration — Matches your site design

Requirements:

  • WordPress 6.0 or higher
  • PHP 7.4+ (8.0+ recommended)
  • OpenSSL extension
  • WordPress database tables
GitHub View WordPress Plugin on GitHub

Version 1.0.7 • Last updated Nov 12, 2025

Both versions use the same AES-256-CBC encryption. Choose based on your platform and deployment needs.

Features Available in Both Versions

Same security, same reliability.

AES-256 encryption

AES-256-CBC Encryption

Military-grade encryption using OpenSSL. Your secrets are encrypted before storage and only decrypted when viewed.

Time-limited links

Time-Limited Links

24-hour default expiration (configurable). Secrets automatically delete after the time limit.

Rate limiting

IP-Based Rate Limiting

Prevents abuse with intelligent rate limiting based on IP address.

Mobile responsive

Mobile Responsive

Works perfectly on all devices—desktop, tablet, and mobile.

Multiple views

Multiple Views

Recipients can access secrets multiple times until expiration (not burn-after-reading).

Privacy focused

Privacy-Focused

Self-hosted means your data never leaves your server. No third-party services involved.

Use Cases

When you need to share sensitive information securely.

Password Sharing

Share login credentials with team members, clients, or contractors without emailing passwords in plain text.

API Keys & Tokens

Transmit API keys, access tokens, and authentication credentials securely to developers.

Sensitive Client Data

Share confidential client information that shouldn't live in email or chat logs.

Support Ticket Credentials

Let clients share login information through your support system securely.

One-Time Secrets

Share information that needs to be accessible temporarily but not permanently stored.

Internal Team Credentials

Safely distribute credentials across your organization without insecure email.

Security & Privacy

SecureShare is designed with security and privacy as core principles.

  • AES-256-CBC Encryption using OpenSSL
  • Self-Hosted — Your data stays on your server
  • No Third Parties — Zero external services
  • Rate Limiting — Prevents brute force attacks
  • CSRF Protection — Security headers included
  • Automatic Deletion — Secrets removed after expiration

Important Security Notes

Transparency is important:

  • Secrets are accessible multiple times until expiration (not burn-after-reading)
  • No authentication required by default (trade-off for ease of use)
  • File-based storage (PHP version) is suitable for small-to-medium deployments
  • Proper file permissions are critical for PHP version

Future Roadmap:

  • Burn-after-reading option
  • Password protection for secrets
  • Database storage option for PHP version

Try It Live

See SecureShare in action on our live demo.

Create an encrypted secret and see how the link works. The demo uses the standalone PHP version.

Try Live Demo

Quick Start Installation

Both versions deploy quickly.

PHP Version Setup

  1. Download from GitHub
  2. Extract to your web server
  3. Configure config.php (optional)
  4. Set permissions on secrets/ directory
  5. Done! Access via browser

Time to deploy: 5 minutes

View Full PHP Installation Guide

WordPress Plugin Setup

  1. Download from GitHub (or WordPress.org when approved)
  2. Upload via WordPress admin
  3. Activate the plugin
  4. Add shortcode [secureshare] to any page
  5. Done! Configure in Settings if needed

Time to deploy: 2 minutes

View Full WordPress Installation Guide

Frequently Asked Questions

Which version should I use?

Use the WordPress plugin if you have a WordPress site and want native integration. Use the PHP version for non-WordPress sites or minimal deployment.

Is this really free?

Yes, completely free and open-source under GPL-2.0 license. No premium versions, no upsells.

Can secrets be viewed multiple times?

Yes, secrets can be accessed multiple times until the 24-hour expiration. We're planning a "burn-after-reading" option for the future.

How secure is AES-256 encryption?

AES-256 is military-grade encryption used by governments and financial institutions. It's the same encryption standard used by password managers.

Do I need a database for the PHP version?

No! The PHP version uses file-based JSON storage. No database setup required.

Where can I get support?

Community support on GitHub for both versions. FatLab offers paid support and custom implementations for professional use.

Ready to Deploy SecureShare?

Free, open-source, and self-hosted secure sharing.

Get PHP Version
Get WordPress Plugin

Need professional support or custom deployment? Contact FatLab for paid services.