Direct peer-to-peer
sharing.
Stop sending plain text passwords over messaging channels. Transfer access using one-time encrypted QR codes and temporary relays — without exposing anything to our servers.
The Vulnerable Way
- ✗Plaintext sharing via SMS or WhatsApp threads
- ✗Sending secrets in standard unencrypted emails
- ✗Pasting access tokens into Slack/Discord channels
- ✗Writing passwords on physical sticky notes
- ✗Leaving screenshots exposed in camera rolls
The ZeroAuth Way
- ✓AES-256-GCM authenticated local encryption
- ✓Session keys live solely in QR codes — off our server
- ✓Encrypted payload relay handles opaque ciphertext
- ✓Dynamic consumption: data deleted immediately upon scan
- ✓Web links allow secure shares to non-ZeroAuth users
Step-by-step
How secure sharing works
Payload Choice
Generate a strong password using our secure offline tool or pick an existing credential from your encrypted local vault.
Local Keygen
Your browser outputs a 256-bit symmetric session key via CSPRNG. This key resides only inside the display QR code.
E2EE Hashing
We encrypt your data using AES-256-GCM before dispatching the ciphertext payload to our secure, temporary relay server.
Scan & Retrieve
Recipient scans the QR code, extracts the session key, queries the ciphertext, and decrypts it locally.
Auto-Purge
Once scanned, the relay ciphertext is immediately deleted. Any unscanned session expires automatically in 10 minutes.
Share without the risk
Every transfer session is client-side encrypted. No middlemen, no readable text, no permanent footprint.