GoSecret

GoSecret

GoSecret provides an easy way to share confidential information. When your message is sent via GoSecret, the message is encrypted. Once the message is read by the intended recipient, it is permanently destroyed. Commonly shared messages include usernames and passwords. GoSecret is especially popular among MSP’s and other companies that need to share confidential information with their clients or third parties.

Use Cases

  • Reducing the risk of leaving sensitive information like passwords in emails
  • Sharing crypto-keys with a third party
  • Providing a user with a one-time passcode

Features

Core
END-TO-END-ENCYRPTION

GoSecret encrypts all communication from client to server.

ONE-TIME-USE-LINKS

Each secret generated can only be viewed once and only with the corresponding link.

STRONG HTTPS SECURITY

GoSecret leverages strong security protocols (TLS 1.2 & 1.3) and ciphers by default.

PASSWORD PROTECTION

GoSecret allows you to add a second layer of protection with use of a password on the secret being shared.

APPLICATION SECURITY

GoSecret performs daily 3rd party vulnerability scans against the application.

FULL STACK SECURITY

GoSecret is proudly written in Go, and its TLS stack is powered by the robust crypto/tls package in the Go standard library. Never vulnerable to Heartbleed or other similar flaws!

Security
MODERN CIPHER SUITES

GoSecret uses the best cipher technologies including AES-GCM and ECC by default, balancing security and compatibility. You can customize which ciphers are allowed.

MAN-IN-THE-MIDDLE DETECTION

For HTTPS requests, GoSecret can detect when the client’s TLS connection is likely being intercepted by a proxy, giving you the ability to act accordingly

MEMORY SAFTEY

GoSecret is impervious to bugs like Heartbleed and buffer overflows because it is written in the memory-safe language of Go.

PCI COMPLIANT

GoSecret uses a PCI-compliant configuration by default. 

KEY ROTATION

GoSecret rotates TLS session ticket keys by default. This helps preserve forward secrecy, i.e. visitor privacy.

ENFORCED HTTPS

GoSecret automatically enforces redirection from http to https to ensure all end users are connected on https everytime, all of the time.