ITYLOS Guide: share a password or file via an ephemeral secure link

How to transmit a confidential secret with local encryption, single-read access and verifiable destruction.

ITYLOS in 3 steps 1. Lock: Your password or file is scrambled directly on your screen.
2. Share: You send a unique link, impossible to guess.
3. Pulverize: Upon first reading, the data is physically shredded from our servers. The erasure is total.

Why not send a password by email ?

Traditional channels (Email, Slack)

  • Emails stored in sent and received folders
  • Slack or Teams messages indexed by search
  • Messaging synced across multiple devices (Cloud)
  • History kept for years

Ephemeral Link (ITYLOS)

  • The secret is encrypted before leaving your device
  • The generated link is valid only once
  • The server destroys the file upon opening
  • No plaintext trace is left on the network

Communication tools retain messages.
ITYLOS deliberately reduces the secret's lifespan.

How to use ITYLOS (Step by Step)

The ITYLOS process always follows the same confidential transmission cycle:

CREATE SHARE READ DESTROY VERIFY
1

Create a capsule

On the home page, paste your password, text or drag a file.
  • Set a time-based expiration (e.g.: 1 hour, 1 day).
  • Optionally add an optional opening password.
  • Click generate. Encryption is performed locally by your browser.
2

Share the secure link

You get a unique link (ex: https://itylos.../#cle-secrete).

Security note : The decryption key is included in the URL fragment (after the #), which by definition is never sent to the server by the browser.
  • Copy this link and send it via your usual channel (Email, Messaging, Support ticket).
3

Single read

The recipient clicks the link. Their browser downloads the encrypted envelope and uses the key in the URL to decrypt the content locally.
  • Access is temporary. As soon as the page is closed, the secret disappears from the screen.
4

Destruction & Proof

At the exact moment the capsule is opened, the server physically purges the data from its storage.
  • If you wish, you can download a cryptographic proof attesting to this destruction for your audits.
Security often starts by reducing data lifespan.
A secret is not meant to become an archive.

When to use ITYLOS ?

Access & Credentials

Transmit an administrator password (Root, DB) or proceed with secure password sharing with an external provider.

Infrastructure

Ensure secure API key sharing, an access token (JWT), an .env file or an SSL certificate between developers.

Technical support

Temporarily transmit a client password or troubleshooting access without ever leaving a permanent trace in a software support ticket.

Confidential Files

Send a secure secret (sensitive legal document, ID scan or contract) via a secure ephemeral link.

Architecture & Security Guarantees

Confidential transmission via ITYLOS relies on strict cryptographic standards widely used in the industry (AES-256-GCM, Ed25519) :

  • Local encryption : Executed by the browser (Zero-Knowledge)
  • Ed25519 signatures : Used to generate tamper-proof audit proofs
  • Single-read secret : Physical deletion of the server file upon opening
  • Transport vector : We are a conveyor, not a cloud storage space

Limitations of any secret sharing system

  • Screenshot or monitor photo by the recipient
  • Manual copy-paste of the secret by the recipient into an unsecured local file
  • Prior compromise of the user's workstation (e.g.: Keylogger malware)

The ITYLOS ecosystem

ITYLOS is not limited to capsule sharing. The ecosystem includes several complementary tools to manage the lifecycle of your data end-to-end.

The Forge (Generator)

Generate a secure password or passphrase using your browser's local entropy. 100% offline tool.

Proof Verifier

How to verify an ITYLOS proof ? Download the JSON destruction certificate and use this laboratory to validate the signature.

Frequently Asked Questions (FAQ)

What is an ephemeral link ?
It is a unique URL containing the path to an encrypted document and its decryption key. Once clicked and read, the link becomes permanently invalid. Any subsequent attempt to open it will display a 404 error (Not Found).
What is the difference between ITYLOS and a password manager ?
A manager (like Bitwarden, 1Password or KeePass) is used to store and keep your secrets daily.

ITYLOS is exclusively used to transmit them to a third party securely without creating an account. Both tools are perfectly complementary.
Does ITYLOS replace Signal or Proton Mail ?
No. Signal and Proton are designed for ongoing conversations and long-term asynchronous exchanges. ITYLOS is specifically designed to transmit a temporary and confidential secret.
Does ITYLOS store secrets ?
No. We temporarily store a blob of encrypted data that is undecipherable by us (Zero-Knowledge). Upon opening the link, this blob is purged.
How long does a capsule last ?
By default, a capsule is programmed to be destroyed upon its first reading. However, you can also set an expiration delay (e.g.: 1 hour, 7 days). The first of the two events (Reading or Expiration) will trigger destruction.
Can a sensitive file be sent ?
Yes. The process is identical. The file is encrypted in your browser before sending, and decrypted in the recipient's browser who can then download it.
Do secrets pass in plaintext through the servers ?
Never. The protocol encrypts the data via your browser's Web Crypto API. The key (placed after the # in the URL) is by definition never sent to the server by the browser.
Can a destruction be verified ?
Yes. From your local history ("My Capsules"), you can download a cryptographic proof of destruction, signed by our infrastructure.

Ready to transmit your secrets securely ?

Try ITYLOS. Create a single-read link, share it and guarantee the confidentiality of your exchanges.

Create a capsule Use the Forge Verify a proof