How to Securely Send Logins, Passwords & Files

We all know that we shouldn’t just send our logins, passwords and sensitive or large files in regular email. But while we know we shouldn’t, most people don’t know how to send these types of things safely & securely.

Why you shouldn’t send logins, passwords and files in email

Emails are not a good way to send login credentials because emails get forwarded, computers get hacked, devices get compromised, etc. Plus, email generally sticks around forever. I can still easily access emails from more than 10 years ago.

Emails are also not well suited for most file transfers. That’s because in today’s world many files are large, and some may contain sensitive information. The first challenge of large files can be covered by pretty much any file transfer service, but many are complex.

The second, the need to protect information, that requires secure encryption and data protection on the part of the sending service.

How to send logins & passwords securely

To securely send your logins, you need two things: short lifespan and encryption.

There are a number of online services which offer this security. I’ll be referencing 1ty.me.

1ty.me encrypts your data when you click submit on their form and 1ty.me destroys your data once it has been viewed. Since it’s destroyed, even if someone else gets the link they can’t access it because it’s gone.

1ty.me is very easy to use, just follow these steps:

1. Visit 1ty.me and enter your sensitive information into the form.
2. Click on Generate Link to retrieve a short URL.
3. Email (or text or skype or slack, etc) your short URL to whoever needs access to the login information.
4. That person views the link and gets the info.
5. The data is destroyed and no one else can ever access it (including the folks at 1ty.me).

How to securely send files

1ty.me works great for basic text info like logins and passwords, but what about files? How do you securely send files from one person to another?

For sending files we use WeTransfer. WeTransfer abides by very strict EU privacy standards.

WeTransfer is very easy to use, just follow these steps:

1. Visit wetransfer.com and click on “Take me to Free”.
2. Agree to their Terms of Service.
3. Drag & drop files from your desktop into WeTransfer, up to 2GB.
4. Enter the email address of the person you want to send these files to (yes, you can enter multiple email addresses).
5. Enter your own email address.
6. Enter a short message.
7. Click Transfer.
8. Keep the window open while your documents upload. The more you have, the longer this will take.
9. You’ll receive an email telling you that your documents were successfully uploaded and an email was sent to your recipient.
10. Your recipient has 7 days to download the files after which they are destroyed. Yes, they can download them more than once during this 7 day window.
11. You will receive an email letting you know that your recipient has downloaded them.

HIPAA: WeTransfer does not comply with US HIPAA because they aren’t in the US. Instead they comply with the Dutch Personal Data Protection Act which is based on the E.U. Privacy Directive (the E.U. is really big on privacy).