Comparing Password Sharing Methods: Email vs Secure Links
Why emailing passwords is dangerous and how secure links provide better protection for your credentials.
"I'll just email you the password." These seven words have caused countless security breaches. Despite being the most common method of sharing credentials, email is one of the worst choices for password security. Let's break down why, and what you should use instead.
The problem with emailing passwords
Email was designed in the 1970s for exchanging messages between trusted parties on a trusted network. It was never intended to be secure. Here's why emailing passwords is a security nightmare:
Emails live forever. That password you emailed in 2019? It's still sitting in sent folders, inboxes, archives, and backup tapes. Many companies are legally required to retain email for years. Your password is now part of that permanent record.
Multiple copies, multiple risks. An email travels through multiple servers and creates copies at each step: your mail server, their mail server, possibly their company's archive system, their devices, and any backups. Each copy is a potential breach point.
Forwarding and CC'ing. Recipients can forward emails without thinking twice. "Hey, can you help John with this?" And suddenly your password is in John's inbox, his manager's inbox (CC'd "for visibility"), and the team Slack channel where someone pasted it.
Searchable archives. Administrators can search email archives. "Password", "login", "credentials" are easy keywords. A compromised admin account or a malicious insider can harvest every password ever shared via email.
Account compromise = total exposure. When someone's email is hacked (and eventually, it will be), the attacker gets access to every password ever sent to or from that account. One breach exposes years of credentials.
Head-to-head comparison
Here's how email stacks up against one-time links across key security factors:
- Data persistence: Email is archived forever. One-time links are deleted after viewing.
- Encryption: Email varies (often unencrypted). One-time links use AES-256-GCM (always).
- Access control: Email is accessible to anyone with email access. One-time links have view limits and expiration.
- Searchability: Email is fully searchable. One-time links are not searchable.
- Forwarding risk: Email is easy to forward. One-time links die after use.
- Server access: Email admins can read content. One-time links use zero-knowledge architecture.
- Breach impact: Email exposes all historical passwords. One-time links leave nothing (data deleted).
How secure links solve these problems
Self-destruction. The password is deleted immediately after viewing. No archives, no backups, no traces. If someone searches for "password", they find only a dead link.
End-to-end encryption. The password is encrypted before leaving your browser. Even if someone intercepts the transmission, they only get encrypted gibberish.
View confirmation. When the link stops working, you know it's been viewed. If the intended recipient says they didn't get it, you know someone else opened it first.
Zero knowledge. The encryption key never touches the server. Even a server breach reveals only encrypted data that can't be decrypted.
But I still need to send something via email
Here's the good news: you can use email as the delivery mechanism for a secure link. The email itself just contains a link, not the password. If someone searches your email archives, they'll find links that no longer work.
The wrong way: "Hi John, here are your credentials: Username: john@company.com, Password: SecureP@ss123!"
The right way: "Hi John, here are your credentials: Username: john@company.com, Password: burnthesecret.com/s/abc123"
What about encrypted email?
Some people suggest using encrypted email (PGP/GPG or S/MIME) for sharing passwords. While it is better than plain email, it has significant drawbacks:
- Complexity: Both sender and recipient need to set up encryption keys, something most people never do.
- Key management: Lost keys mean lost access. Compromised keys mean all historical messages are exposed.
- Still persistent: Even encrypted emails are stored permanently, so the ciphertext stays available to anyone who later obtains the key.
- Metadata visible: Subject lines and sender/recipient information aren't encrypted, revealing that sensitive information was shared.
One-time links are simpler, work for anyone without setup, and provide better security through automatic deletion.
Making the switch
Breaking the habit of emailing passwords takes effort, but it's worth it. Here's how to transition:
- Start with yourself: Use one-time links for every password you share, even internally.
- Educate gently: When someone emails you a password, thank them but suggest using Burn the Secret next time.
- Create team guidelines: Establish that passwords should never be shared via email, Slack, or other persistent channels.
- Clean up history: Search your email for "password" and consider changing any credentials that were shared via email.
Ready to stop emailing passwords? Create a secure link on Burn the Secret.