ProtectedShare
ProtectedShare is Open Source on GitHub →

ProtectedText alternative for secret sharing, online notepad & EnvShare

Your documents and keys are encrypted in your browser before being stored for a limited period of time and read operations. Unencrypted data never leaves your browser. ProtectedShare is a free and completely anonymous zero-knowledge sharing utility.

A simple secret sharing website for secure notes, .env files, API keys, and one-time links.

Secure NotesShare .env / Keys →Encrypted Notepad
Read the security blog for guides and comparisons →

Prefer to run it yourself? See the self-host guide for Docker and deployment notes.

Browser Encryption

AES-256-GCM encryption happens entirely in your browser. The server never sees your plaintext.

Burn After Read

Secrets self-destruct after 1, 3, 5, or 10 reads. Permanently deleted — zero traces left behind.

Free · No Signup

No cookies, no analytics, no accounts. Completely free with zero tracking. Use instantly.

Compare our tools

FeatureSecure NotesEnvShareNotepad
Primary Use CasePasswords, private notes, letters.env files, API keys, developer secretsCross-device scratchpad, personal logs
Password DeliveryCustom/auto, sent via separate channelEmbedded in link hash (1-click decryption)User-defined master password (zero-knowledge)
PersistenceTimed expiration (Optional Burn)Self-destructs after 1-10 readsCloud-synced vault (persists until deleted)
Security Rating
★★★★★Cloudflare-backed, split-delivery keys
★★★★☆Cloudflare-backed, key-in-link
★★★★★Cloudflare-backed, client-side decryption

* Note: Cloudflare's global serverless network powers our backend databases, ensuring high availability, edge isolation, and encrypted-at-rest protection.

Frequently Asked Questions

Is ProtectedShare really free?
Yes, 100% free with no signup, no accounts, and no usage limits. Create unlimited encrypted notes, share .env files, and generate self-destructing secret links at zero cost.
What is the difference between Secure Notes and EnvShare?
Secure Notes is designed for high-security, 2-channel sharing (you send the note link via one app like Slack, and the password via another like SMS or Signal). EnvShare is built for quick 1-click sharing of code/dotenv files where the decryption key is embedded in the link's hash fragment (e.g. #password) so the recipient doesn't need to manually copy-paste passwords.
How is this different from EnvShare?
ProtectedShare includes all EnvShare features (AES-256 encrypted .env sharing with configurable TTL and read limits) plus: encrypted notes with separate password delivery, an offline-first encrypted notepad, dark/light mode, and a mobile-optimized interface. EnvShare is no longer actively maintained.
Can the server read my secrets?
No. Your data is encrypted with AES-256-GCM entirely in your browser before being sent to the server. For the Encrypted Notepad, usernames are hashed client-side using SHA-256 before transit so we don't know who owns which notepad, and passwords are never transmitted. The encryption keys never leave your device, making it cryptographically impossible for anyone — including hosts and administrators — to decrypt your data.
Is this a good ProtectedText alternative?
Yes. ProtectedShare offers stronger encryption (AES-256-GCM), a modern mobile-friendly interface, self-destructing notes, .env file sharing, and an encrypted notepad — all without accounts.
Is ProtectedShare a secret sharing website?
Yes. ProtectedShare is built for sharing secrets, notes, API keys, and .env files through encrypted links that can expire or self-destruct after a set number of reads.
How do I share API keys securely?
Go to the EnvShare page, paste your API keys or .env file, choose an expiration time and read limit, then click 'Encrypt & Generate Link'. The decryption key stays in the URL hash fragment and is never sent to the server.
What happens after someone opens my link?
It depends on your read limit. If set to 1 read (burn-after-read), the data is permanently deleted after the first view. With multiple reads (3, 5, or 10), the counter decrements and deletes at zero.

Need dedicated infrastructure?

We deploy completely isolated, private zero-knowledge instances for enterprises. Custom domains, dedicated databases, and full compliance support.

Contact us →