Securely sending secrets / info to externals

There might be a situation where you want to send an external party or customer something that is secret or that should be send secure. Examples of this can be a file, a onetime/initial password. There are tools that facilitate this because Slack/email is insecure by design. You can use the tools below. NOTE: These tools are not ment for sharing secrets / information that should managed in Keyhub!

Onetime secrets, small pieces of text and files

For securely sending small pieces of text or onetime secrets you can use Yopass. The default settings are the recommended ones but the delete after is probably too short for most use cases so adjust that accordingly.

There are a couple of settings you can tweak to make it as secure as possible, our recommendation is to keep One-time download toggled on. The amount of days is subject to the nature of the information.

To increase the security of sending the secret, you can decide to send the link without the decryption key (the “short link”) to the external party over one channel and the decryption key in another channel. For example send the short link over Slack/email and the decryption key in the chat of a Google Meet. Using a video call has the additional benefit of verifying the authenticity of the receiving party.

Larger files

Larger files off up to 20MB can be send via securetransfer.voys.nl.