Why Enqrypted
Privacy claims are only useful when the product flow and operational boundaries are clear. This page explains both.
End-to-End Encryption
Argon2id and XChaCha20-Poly1305 combine to protect your data with uncompromising ironclad security every time.
Zero-Knowledge
All encryption and decryption happen exclusively in your browser so no keys, passwords or plaintext ever touch our servers.
One-Time Use
Messages are permanently deleted after one successful open or three failed attempts, ensuring complete privacy.
Privacy First
We do not collect emails, phone numbers or personal data and accept crypto payments for fully anonymous transactions.
Built for high-sensitivity encrypted delivery
For workflows where searchable inboxes, forwarded attachments, or reusable cloud links create unnecessary risk.
Legal & Financial
Contracts, client files, compliance documents, and sensitive attachments that should not sit in normal inboxes or shared drives.
Client Handoff
Credentials, access details, one-time links, and private deliverables that need a cleaner path than emailing files and passwords together.
Personal Confidential Sharing
IDs, recovery data, private records, and sensitive personal files that deserve one-time access instead of long-lived message history.
How It Works
A simple, invisible flow. All in your browser. Never on our servers
You
Plaintext
Your secret
The message or file is prepared on the client.
[Encrypt]
Argon2id + XChaCha20-Poly1305
The password never leaves the device.
Server
Ciphertext
"rM7mn2JtXp7PYmOM1cfBv..."
The server only sees encrypted payload plus minimal metadata.
Salt/Nonce
Base64 + delivery metadata
Content remains unreadable; account data is used only for one-time delivery.
Recipient
[Decrypt]
Argon2id + XChaCha20-Poly1305
The same password is derived again on the client.
Plaintext
Your secret
After successful decryption, the one-time message flow deletes the data.
* We store only ciphertext, salt, and nonce. Never your keys, messages or files. Messages are deleted once read, after three failed attempts or after 24 hours. All encryption happens on your device, under your control.
Clear privacy boundaries. No vague promises.
Privacy is strongest when we show exactly what the product can and cannot touch.
What Enqrypted can access
- Encrypted payloads stored as ciphertext
- One-time access events, timestamps, and failed-attempt counts
- Account, plan, and payment data required to run the service
What Enqrypted cannot see
- Your message or file in readable form
- Your password or device-derived secret
- Decrypted content on the recipient’s device
Minimal operational data is part of running the service. Readable content is not.