Expiration & Self-Destruction
PassLink secrets are designed to be ephemeral. Here's how the destruction mechanism works.
Expiration Options
| Duration | Best For |
|---|---|
| 1 hour | Real-time sharing with someone online |
| 4 hours | Same-timezone async sharing |
| 24 hours | Cross-timezone sharing |
| 7 days | Non-urgent sharing |
How Self-Destruction Works
- View-based destruction: When a recipient opens the link, the secret is immediately deleted from our servers after being decrypted in their browser.
- Time-based expiration: Even if nobody views the secret, it is permanently deleted when the expiration time passes.
- Whichever comes first: The secret is destroyed by the first trigger — either viewing or time expiration.
What Happens After Destruction?
- The encrypted data is permanently removed from our database
- The link returns a "Secret not found" message
- There is no way to recover or restore a destroyed secret
- Server-side logs do not contain the secret content
Password Protection
For extra security, you can add a passphrase to your secret:
- The recipient must enter the correct passphrase to view the secret
- Wrong passphrase attempts do not reveal the secret
- The passphrase adds a second layer of encryption on top of AES-128