Send encrypted, self-destructing notes. Learn more.

What is s.cr?

s.cr encrypts your note in your browser, so only you and the recipient know its content. All notes self-destruct after a period of time, defaulting to 24 hours.

How is this secure?

s.cr stores the encryption key within your URL fragment (the part after the #). This key is never sent to the server, so the site operators have no way of decrypting the content. The fragment-key has 60 bits of entropy and we expand it through 128 rounds of pbkdf2 before passing into AES-256.

But, you can only trust this site as much as you trust these claims.

How does this compare to privnote?

The basic functionality is the same, but s.cr has no ads or trackers, and the URLs are shorter.

What is it used for?

While s.cr could be used for any number of reasons, I use it for sharing passwords, secret keys, and messages that I may not want to be associated with in the future.

Who are you?

I'm Ammar. You can reach me here.