Frequently Asked Questions

Yes. File encryption, password generation, metadata removal, secure memo, password breach check, and security assessment are all free with no registration required. Secure file sharing is free up to 1GB. Pro features (5GB sharing, download tracking, SecureChannel, etc.) are available for $2.99/month.

File encryption, password generation, and metadata removal are processed entirely in your browser with zero server communication. You can verify this using your browser's Developer Tools (Network tab). For secure file sharing, only encrypted data is stored on the server. The decryption key is stored in the URL fragment (#) and is never sent to the server.

It means no one — including the server operator (us) — can read your files. Only ciphertext is stored on the server, and the decryption key is never transmitted to it. Even if the server is compromised, your file contents remain protected.

AES-256-GCM (Authenticated Encryption). Key derivation uses PBKDF2-SHA256 with 600,000 iterations, following OWASP 2024 recommendations.

No. Due to zero-knowledge design, we have no access to passwords or decryption keys. If the password is lost, decryption is impossible. Always store passwords in a safe place.

Yes. The decryption key is stored in the URL fragment (#), which is never sent in HTTP requests and doesn't appear in server logs. Even if intercepted, the file cannot be decrypted without clicking the link.

When a secure memo is read, the encrypted content is immediately deleted from the server. Opening the link again shows "deleted". Only metadata (send time, read status) remains until expiry for dashboard tracking.

Yes. PPAP (sending password-protected ZIPs via email) was discontinued by Japan's Cabinet Office in 2020. SecureMint's secure file sharing delivers files via E2E encrypted links — a modern, secure alternative. It doesn't bypass virus scanning and supports download limits and expiry.

Encrypted files are stored in Cloudflare R2 (Tokyo region). Metadata is stored in Upstash Redis (encrypted transit). Both are automatically deleted when they expire.

Yes. All tools can be tried without registration, making adoption easy even without IT staff. Pro plan adds business features: download tracking (with IP), SecureChannel messaging, and file request links.