What is DevPaste?
DevPaste is a zero-knowledge encrypted sharing tool. It lets you safely send passwords, API keys, credentials, or any sensitive text — temporarily and securely. Unlike email or chat, your data is encrypted in your browser before it ever reaches our servers. We literally cannot read what you share.
Step by step
1
Write your message
Paste your password, API key, or any sensitive text into the content field.
2
Set an expiry
Choose how long the link should live — from 5 minutes up to 30 days. After that, the content is permanently deleted.
3
Enable burn after read (optional)
The message self-destructs the moment someone opens it — it can never be viewed again.
4
Add a password lock (optional)
Add an extra layer of protection. Share the password separately — over a call, SMS, or in person.
5
Generate your link
DevPaste encrypts your content with AES-256-GCM directly in your browser, then creates a unique link.
6
Send the link
Share it via any channel — email, Slack, SMS. The decryption key is in the #fragment of the URL and is never sent to our server.
🔐
Why is it safe?
The encryption key lives only in the URL fragment (the part after #). Browsers never send fragments to servers — so DevPaste's server only ever stores ciphertext it cannot decrypt.
Example
You need to send a database password to a teammate:
- Open DevPaste and paste the password
- Select 1 hour expiry
- Enable burn after read
- Click Generate encrypted link
- Send the link to your teammate via Slack
- They open it once — it decrypts instantly — then it's gone forever
Your server never stored the plaintext. DevPaste never could read it. The teammate is the only person who saw it.
Create a secure message