I’ve been asked to evaluate a company standard for a one-time secret tool.
Our primary goal is to name a standard site or tool to send self-destructing notes providing that the host cannot see the contents, and the traffic is encrypted.
Evaluating Privnote, PrivateBin, Pastebin, Saltify, Onetimesecret
One of the discussions we’ve had internally is hosting our own instance of privatebin versus using the public tools. I’m not a fan of the ad-supported matrix on many of these tools. Additionally, a site like Onetimesecret couldn’t guarantee their future security.
Would love some recommendations on how your companies are solving for this. Right now, we’re sending too many passwords around through teams and Outlook for my taste. Thank you.
what about github gists?
Why do they need to be self destructing? There is no sure way to do that, someone can just snap a pic of the screen.
Without some sort of company wide identity management how can you be sure you are actually sending the note to the intended recipient? How do you know you are not first sending the note to the entity providing the service?
Since you are a biz an obvious question is; how are you securing your email? PGP? S/MIME? Some sort of VPN scheme? Why can’t you just use something preexisting?