In this post, let us take a look at services that allow you to send sensitive information over email. One time passwords, address or any other information that can be read easily by others, are some examples where such a service can be useful.
Background: Password via email
A few weeks ago, I signed up with a service provider. They sent me an automated email asking me to confirm my email account. Upon confirmation, they sent me account details. To my surprise, the password to my login was mentioned in plain text!
As we enter the third decade of the current millennium, this practice should be stopped immediately. But what if your provider does not want to upgrade systems? You can either bid them goodbye, or encourage them to use a service that sends one time passwords. Or a service where the information is encrypted before it is sent.
Sending other sensitive information via email
Let us say you want to communicate information across to a user, a friend, or a near and dear one. Would you do so in plain text? Your spouse’s birthdate, etc. are some of the more innocuous examples. Others include medical records, or insurance details. You can let your imagination run wild on this one.
Would you send this information via email, or use a third party service? Most of you would prefer the latter!
I looked up some indormation on the latter, and came up with the below list.
Sending information via email: Third party services
Below is a list of services that are free to use. There are paid options also available. While I am not a big fan of *free* services, I thought that for everyday use, the below services were more than adequate.
This is a service form Automattic, the folks behind WordPress. Quickforget lets you store the information on their site temporarily. This could be a one time password, or information that can only be accessed by users who have the secret link.
Using revealit.me, you post your message, and a link is generated automatically. You can send the link to the recipient via email, or any other means. The recipient can read the message by clicking the link. The message is a one-time use, that is, if you share the link with multiple users, or refresh the page, the message gets deleted.
One Time Secret
You can create a link for a one time use using this service (as the name says!) You can create a random one time message, and send the link for that message to the recipient. They can reply to you in a similar fashion. You can also encrypt a short message and set a password. the reader will have to enter the password in order to read that message. That way, even if someone surreptitiously gets hold of the link, they will not be able to read the message. Other features includes setting a time limit for the message (for e.g. message will self expire after 7 days). Learn more about onetimesecret here.
Sites like alternativeto have a list of current and former services.
Safenote is an ad supported free service that allows you to send files and notes. A self destructing Private link is another option they offer.
temp.pm allows you to send AES-256 encrypted private messages. It is a free servie but they welcome donations.
Yopass offers a self hosted option to the above services. You can also use their website. The mssages can self destruct after one time read, or with a set time limit.
Brieflink.io offers services similar to safenote. I was not able to find much information about them, and their twitter account has been suspended as on date of publishing this post.
Nohistory.fyi allows you to send formatted email or messages, set passwords, one time read messages, or set a timeline before the message self destructs. The site mentions that the product is in early stages of development, the tech stack is based on AWS.
You can use one time use email accounts to send the information, though the purpose of existence for such accounts may be different than the above services. Here are a couple that I have used often in the past. In a future post a more extensive coverage of such services is planned.
Summing it all up
One can think of many useful and innocuous ways of using the above (or similar) services. Some could be for fun. Others for financial information, medical records, account logins, etc. Of course there can be some nefarious ways, but let us focus on the legitimate ones, and appreciate that such services exist.
This post was updated on 2020-12-21