Can SimpleSafeCloud read my Dead Drop messages?

No. Messages are encrypted client-side with a key derived from 3 code words using PBKDF2 (100K iterations) and AES-256-GCM. The code words are never sent to the server.

Does the recipient need an account?

No. Recipients just need the link and the 3 secret code words. No signup or login required.

What is burn-after-read?

When enabled, the message is permanently destroyed after it is read once. It cannot be accessed again.

How long do messages last?

You choose an expiry: 1 hour, 24 hours, 7 days, or 30 days. After expiry, the message is permanently deleted.

How secure are 3 code words?

3 words from our curated list produce approximately 34 billion combinations. Combined with PBKDF2 (100K iterations) and a random salt, brute force is impractical.

Zero-Knowledge Encrypted Messaging

SendMessagesNoOneElseCanRead.

Dead Drop encrypts your message with 3 secret code words before it leaves your device. Share the words separately. Not even we can read it.

Word 1

FALCON

Word 2

ECHO

Word 3

GRANITE

Start Sending Free See how it works

3 free messages per month — no credit card required

Zero-Knowledge Encryption

Burn After Read

34 Billion Combinations

No Account to Read

How It Works

TwoPeople.ThreeWords.ZeroKnowledge.

The sender encrypts. The recipient decrypts. The server sees nothing.

Sender

Step 1

Write Your Message

Type your secret message. Choose an expiry time and whether it should burn after reading.

Step 2

Encrypted on Your Device

3 random code words generate an encryption key. Your message is locked with AES-256-GCM before it ever leaves your phone.

Step 3

Share Link + Words Separately

Send the link through any channel. Share the 3 code words through a different one — text, call, in person.

Recipient

Step 4

Open the Link

No account needed. Just open the link on any device.

Step 5

Enter Code Words

Type in the 3 secret words. Your device derives the same key and decrypts the message locally.

Step 6

Read & Destroy

The message appears with a typewriter reveal. If burn-after-read is on, it self-destructs in seconds.

Features

EverythingYouNeedforTrulyPrivateMessaging

End-to-End Encrypted

AES-256-GCM encryption happens in your browser. The server only stores ciphertext it cannot decrypt.

Burn After Read

Messages self-destruct after the first read. Once burned, they're gone forever — even from our servers.

Auto-Expire

Set messages to expire in 1 hour, 24 hours, 7 days, or 30 days. After expiry, the ciphertext is deleted.

No Account to Read

Recipients don't need to sign up or log in. Just open the link, enter the 3 words, and read.

Custom Code Words + Drop Signals

Choose your own 3 code words instead of random ones. Leave a drop signal so your asset knows exactly what to enter.

PBKDF2 Key Stretching

100,000 iterations of PBKDF2-HMAC-SHA256 stretch the code words into a strong encryption key. Combined with a random salt, brute force isn't viable.

Mobile-First

Built for how people actually share links — via text, iMessage, WhatsApp. The reader is designed for phone screens.

Zero-Knowledge Security

WeLiterallyCannotReadYourMessages

Dead Drop uses client-side encryption. Your message is encrypted in your browser using a key derived from 3 random code words. The key is never transmitted to our servers.

2048³ = 8.6 Billion Combinations

3 words from a 2048-word list. That's over 8 billion possible combinations, and each one is stretched through 100,000 rounds of PBKDF2.

Random Salt Prevents Pre-computation

Every message gets a unique 32-byte random salt. Even if two messages use the same code words, they'll have different encryption keys.

AES-256-GCM Authenticated Encryption

The same military-grade encryption used by governments and banks. If someone enters wrong code words, the authentication tag fails — no data is leaked.

What Our Server Stores

Messagea7f3e2...9c4b1d (encrypted gibberish)

SaltRandom bytes (not secret)

IVRandom bytes (not secret)

Expiry2026-02-08T00:00:00Z

What We Never See

Your message text

The 3 code words

The encryption key

Any way to decrypt it

Use Cases

ForAnyoneWhoNeedsRealPrivacy

Dead Drop replaces the "I'll text you the password" workflow with something that actually disappears.

Business Confidential

Share passwords, API keys, financial details, or contract terms with partners. The message expires — the information doesn't linger in email.

Personal & Private

Send sensitive personal information — SSN, medical records, private conversations — without it sitting in someone's inbox forever.

Whistleblowing & Journalism

Anonymous tips and source communication. No account needed to read, no metadata trail, self-destructing evidence.

Legal Documents

Share privileged attorney-client information, settlement terms, or case details with an automatic expiration date.

Team Credentials

Onboard new team members with temporary access credentials. Burn-after-read ensures the passwords don't persist.

Cross-Border Communication

Communicate privately across jurisdictions. Even if our servers are subpoenaed, we can't hand over what we can't decrypt.

Pricing

Simple,TransparentPricing

Start free. Upgrade when you need more.

Free

$0forever

Try Dead Drop with no commitment

3 encrypted messages per month
All expiry options (1h – 30d)
Burn-after-read
10,000 character limit
No account needed to read

Get Started Free

Premium

$99/year

Unlimited Dead Drops + 500 GB encrypted cloud storage

Unlimited encrypted messages
All expiry options (1h – 30d)
Burn-after-read
10,000 character limit
No account needed to read
Custom code words + drop signals
500 GB encrypted cloud storage
Encrypted notes
Photo backup
Secure file sharing

Start Premium

Also available: Lifetime access for $249 — one payment, no subscription.

FAQ

CommonQuestionsAboutDeadDrop

SendYourFirstDeadDrop

Write a message. Get 3 code words. Share them your way. No one else can read it — not even us.

Get Started Free

3 free messages per month — no credit card required