Why You Should Use A One-time Secured Link To Share Sensitive Info

Security has been one of our top priorities in building and supporting websites, and we all know that keeping passwords secure is a big part of that.

Secure passwords are the critical front line of website security. Bots are out there constantly trying to get access to your website to insert malicious malware or harvest personal details. Some attempt to ‘brute force’ guess multiple combinations until they get the right one, others attempt to login using passwords leaked from previous data breaches.

The recent Godaddy hosting breach highlights the need to use different passwords everywhere, in case one app is compromised. (and also why you should avoid using cheap, and less secure, hosting providers.)

There are 2 main parts to safe password practice: Using & storing secure passwords, and sharing them securely.

Keeping Your Passwords Secure

Here are some of the things you could do to keep your passwords safe even before wanting to share them with people you trust:

  • Generate a strong and complex password, you can start by using LastPass generator with this.
  • Length is more important than mixing up the symbols. For a password that you need to memorise, consider a phrase that is several words long.
  • Avoid using passwords that are personal info that is easy to find especially on social media. Like birthdays, anniversary dates, pet names, phone digits, etc.
  • Don’t use the same password more than once.
  • Avoid writing your passwords down on a piece of paper or an insecure file on your computer where it can easily get into the wrong hands.
  • Store your passwords in password managers like LastPass or any apps that you have full trust.
  • Use 2 Factor authentication, and enable alerts whenever there’s a new sign in from a new device

How Can You Share Passwords Securely?

This is a problem that we have wrestled with for a while. There is a balance to strike between convenience and security. We use Lastpass, but not all of our clients do and even the ones that do are unable to share into our teams account. Sharing only works person to person.

So a lot of the times over the years we have shared passwords via email. While this is not an issue most of the time, it is possible for emails to be intercepted as they travel through the networks and for those login details to be extracted and abused. The chances are low, but it is a risk.

Other things we have tried include access-restricted cloud docs. But this is not as convenient and can have other problems.

But recently, with the help of a good friend from IntegratePro, Dave Wooding, we set up a safe method for our clients to send us their access details using a one-time secured link.

Tunedwp James BondWhat is a One-Time Secured Link?

A one-time secured link works by encrypting the data saved into it with rules that allow the data to be decrypted only ONCE via the link provided. After the link is opened, the data self-destructs like a James Bond secret message.

Securedlink.co is the page we have created (with the help of Dave Wooding) where you can save sensitive information stored secretly behind a one-time secured link. The only people who will know the content is of course the sender, and the receiver that opens the link for the first time.

It is safe enough that even we, TunedWP, who set up this page don’t have access to any of the data other than via the one-time link.

The only way to access the data once saved is via the link and after it is opened, it is destroyed. Also, if it is not opened within 7 days it will be destroyed anyway.

How does the one-time secured link work?

How it works is quite easy and simple. Here are the steps:

  1. Go to Securedlink.co
  2. Input the sensitive data that you want to send in the data field
  3. Click the blue-button that says ‘Create a Link’
  4. Copy the link highlighted in green under ‘Share this Link’
  5. Send that link to your specific and trusted receiver.
  6. They then just need to click it and “VIEW SECRET’, copy the content and save it somewhere safe.

We suggest informing your receiver right before sending the link to make sure to securely store the content as soon as the link has been opened. The link expires after clicking so it won’t ever work for anyone again.

We created this for use with our clients, but it is freely available for anyone to use.

If you need help keeping your website secure, get our performance experts to perform a  Performance Audit. With this, we will also check your website’s Speed, Design, Sales Funnel etc.