How to create One-Time Secrets with Keestash OTS

Keestash OTS is our new micro SaaS-Tool to create One-Time Secrets which is free to use for everyone. OTS completes our password manager product, Keestash. With Keestash OTS, it is easy to create, manage and share passwords for individuals, teams and large enterprise companies.

How Keestash OTS works

As stated above, Keestash is free and public for everyone. There is no account registration or log in needed – just visit our website and get started.

OTS is secure and encrypted by design, meaning that you do not need to have to fear that your data will be seen by third parties (not even by us). Your secret (along with a file, if attached) is submitted to our servers using SSL encryption and is encrypted with your passphrase very early in the request flow. Using a strong AES-256 encryption, we store every bit and byte belonging to you into our databases. The passphrase is thrown away as far as encryption is completed and not needed anymore. Doing this, we ensure that having access to the data means literally nothing if you do not own the passphrase.

Getting started with Keestash OTS

To create OTS, simply go to the Keestash OTS website and you will face the following screen:

Keestash OTS main screen
Keestash OTS main screen

On the left hand side, there is the menu with links to a deep dive into how OTS works and the imprint. The Log In button in the bottom leads to a backend which we will cover in a separate paragraph later.

In the center, you will see two main areas: the first are “Create New Secret” is a simple introduction into OTS whereas the second area “Content” is the place where OTS creation actually happens. The textarea in “Content” is the place where you place your secret message – regardless of plain text, HTML code, emojis or even a never ending Lorem Ipsum text ­čśä.

The Secret Message

Keestash OTS is designed for handling with short messages as well as very long strings. For instance, a storywriter would not necessarily like to share his drafts by email since it will stay there “forever”. A software developer on the other hand could have some sensitive information within a XML string and wants to make sure that the content is only retrieved once. Or someone has created an online account for a relative and does not want to transfer credentials by messaging apps or email.

The Secret File

Almost the same rules apply for files – there are no limitations with respective to file content, extension or mime type. The only restrictions here are having a valid, non broken file and it a maximum upload limit of 2MB.

The Passphrase

The last input field, the passphrase, is for encrypting the message and file and is a regular password field for input forms. However, clicking on the eye next to the input field, you can show or hide the input.

Keestash show/unshow passphrase
Keestash OTS passphrase

All three input fields are optional and even the passphrase has not to be set. However, in order to have a strong encryption, we highly recommend to choose a strong password.

The Encryption

After inputting the secret message and/or a file, just make sure you have a strong passphrase and click on “Create Secret”. Keestash OTS will then forward all input to our servers and the encryption will be done there. Once the information is encrypted and stored in our databases waiting to getting consumed by others, Keestash OTS will generate a unique URL which you can share with your friends, coworkers or even strangers ­čśü

Keestash OTS copy URL
Keestash OTS link

The URL is valid for maximum seven days, if the message and/file behind is not reached earlier.

Consuming Secret Messages

So far, we have created a secret message which is encrypted and stored safely in Keestash databases. Keestash OTS has generated an unique URL which is shared to others.

At this point, it is important to know that the message is consumable only once. The consumer should keep this in mind and, of course, copy the message and/or download the file if it is possible.

Calling the unique URL, the consumer faces the message view which provides three areas: the first one contains – again – some information about what to do. The second area – “Content” – will output the secret later. The “Passphrase” area is meant to input the passphrase which is shared to the consumer by the creator of the OTS.

Keestash OTS secret view
Keestash OTS View

In fact, there is a third area with “File”. It will be only visible if the secret contains a file along to the message.

Keestash OTS consumed secret
Consumed Secret with File

Enterprise Subscription

So far, we have shown Keestash OTS for creating and retrieving One-Time Secrets. The SaaS-application is free to use and has no limits in terms of number of secrets or anything else. Why should someone subscribe to enterprise plans?

There are many reasons to do this. First of all, we offer prioritised support for our paying customers. We guarantee answers to support requests within a (together with the customer) defined amount of time. Second, we have a number of features which are enterprise only. Some of them are:

  • Employee User Accounts: the users will have their own accounts, will see the status of their secrets (pending, published, consumed, expired), can recall or expire secrets.
  • Central Passphrase Management: The organization to whom the users belong to may define a central passphrase in order to ensure that the secrets will stay within the organisation. The organisation owners may see the status of the secrets belonging to the organisation, can recall or expire them.
  • Copy/Download Protection: letting consumers only view, not copy or download messages and/or files.
  • API Integration: Integrate Keestash OTS into your existing applications, create and retrieve secrets automatically and get dedicated API support.
  • Report & Statistics: for upper management and/or IT admins.
  • Custom Extensions: any feature needed by you in order to run your business.

About Keestash and Keestash OTS

Keestash and Keestash OTS are both SaaS applications developed, hosted and maintained by Ucar Solutions UG (haftungsbeschr├Ąnkt). If you are interested in Keestash and/or Keestash OTS, fill out the following formula and we will reach you out as soon as possible. We are looking forward to read from you ­čśŐ

    Your Name*

    Your Email*


    Your Message*


    Open Source Password Manager


    49 69 175 111 52


    Schulstra├če 3a
    65719 Hofheim am Taunus