NotifiUs, LLCEncrypt

Stop sending sensitive information directly in emails

What is this?

Instead of sending credentials or other sensitive information in email, this system creates an encrypted link, emails it to the intended recipient, and relies on you to transmit a 4-word passphrase which they use to decrypt the link sent to them.

This allows you to avoid forwarding emails with attached or inline sensitive information.


How does it improve security?

As a result, you end up reducing risk of accidentally leaking passwords because of poor email practices by your recipient or yourself.


Is it safe to use?

We require TLS/SSL connections, use AES-256-CBC bcrypt encryption signed with message authentication code (MAC), store all information within volatile in-memory key-value store (redis) fully encrypted and set to automatically expire. No data is persisted to a database. We rotate the application key automatically at random times. Links sent to recipients use signed URLs. You can expire any item you create immediately from the success page.

In short, we believe this is a much safer alternative to placing credentials in plain-text within emails. Other tools, including digitally signed and encrypted emails, password manager secure sharing, and encrypted messages with GPG are all great, secure alternatives.

Ultimately, you should only use this tool if you don't have an alternative secure method of sending credentials and you trust the creator, Patrick Labbett, and the company NotifiUs, LLC.


I'm receiving emails and don't know why!?

This generally means someone is trying to send you a message that has been encrypted. In rare cases, it's possible a bad actor is using our system to spam or otherwise abuse the service. We've taken steps to mitigate abuse, including rate-limiting to 1 submission per minute, detecting automated submissions, and requiring a reCaptcha challenge.

To report abuse of this tool, please email support@notifi.us and we'll assist as quickly as possible.