January 16, 2021

One-Time Secret Tools

I’ve been asked to evaluate a company standard for a one-time secret tool.

Our primary goal is to name a standard site or tool to send self-destructing notes providing that the host cannot see the contents, and the traffic is encrypted.

Evaluating Privnote, PrivateBin, Pastebin, Saltify, Onetimesecret

One of the discussions we’ve had internally is hosting our own instance of privatebin versus using the public tools. I’m not a fan of the ad-supported matrix on many of these tools. Additionally, a site like Onetimesecret couldn’t guarantee their future security.

Would love some recommendations on how your companies are solving for this. Right now, we’re sending too many passwords around through teams and Outlook for my taste. Thank you.

Comments

julian88888888

what about github gists?

upofadown

Why do they need to be self destructing? There is no sure way to do that, someone can just snap a pic of the screen.

Without some sort of company wide identity management how can you be sure you are actually sending the note to the intended recipient? How do you know you are not first sending the note to the entity providing the service?

Since you are a biz an obvious question is; how are you securing your email? PGP? S/MIME? Some sort of VPN scheme? Why can’t you just use something preexisting?

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.