Grant Temporary Record Access Without Compromising Security With Keeper One-Time Share

With Keeper’s One-Time Share feature, sharing confidential information with someone who doesn’t have a Keeper account doesn’t have to be complicated. One-Time Share provides time-limited, “read only” access to a Keeper record with anyone, without exposing information over email, text message or messaging.

One-Time Shares are secure by design, utilizing Keeper’s zero-knowledge encryption, where record data is decrypted locally on the recipient’s device. One-Time Share is unique due to its built-in safeguards, including the ability to set an expiration on the share link – ranging from one hour to 90 days or a custom date and time. This automatic “set it and forget it” functionality reduces the workload of the sender, who won’t need to revoke access later. As an additional layer of security, One-Time Shares are device-locked, which means that only the original recipient is able to access the data, and only on a single device.

Once a Keeper user creates a share link, they have the option to copy the URL, paste the provided share invitation into an email to provide contextual information to the recipient or offer a QR code for the recipient to scan and view the record. 

Keeper One-Time Share addresses the fundamental challenge of sharing confidential information without compromising security. It replaces insecure methods like email attachments or consumer file-sharing services that lack enterprise-grade protection.

Collect and share confidential data securely

Keeper’s latest update to One-Time Share now enables two-way sharing between Keeper users and non-users, providing an easy and secure way to exchange confidential information and files. Simply check “Allow recipient to edit record fields and upload files,” which activates the bidirectional functionality of the previously “read-only” One-Time Share link. 

Bidirectional one-time sharing encourages seamless collaboration that enables Keeper users to collect signed documents, feedback or sensitive files and information from anyone – including clients, contractors and legal personnel – without requiring them to create a Keeper account. Once received, the recipient can upload file attachments and enter any other requested information or notes. 

This new sharing technology builds upon the functionality of our existing One-Time Share feature while preserving the security Keeper is known for. The data is protected in transit by Keeper’s elliptic-curve and AES-256 cryptography and can be decrypted only locally on the recipient’s device.

Both individuals and organizations can benefit from bidirectional One-Time Shares to facilitate operations such as:

• Collaboration – securely collect signed documents, feedback or sensitive files from clients, contractors and partners.
• Vendor requests – securely request compliance documents or private credentials from third parties.
• Internal audits – temporarily share and retrieve information with auditors or legal teams.

The original record will automatically update in the sender’s vault with the newly added information, and both the sender and recipient can continue to edit the record until the share link expires or once access is revoked.

Zero-trace sharing with self-destructing records

Self-Destructing Records also leverage Keeper’s One-Time Share technology, allowing you to share a record with users outside of Keeper. However, they are unique in that the record is automatically deleted from your vault once the share link expires at a time of your choosing. This feature is particularly useful in cases where you no longer need the record after it has been shared with the recipient. 

Users can add the “Self-Destruct” attribute upon record creation, which generates a one-time share link that expires at the time of their choosing. The record will then “self-destruct” and be removed from the sender’s vault at the specified time or once the recipient has opened the record – whichever comes first. Once the link is opened, the recipient will have five minutes to view the record.

By limiting the amount of time recipients have access to records, organizations simplify compliance, and users can rest easy knowing their records are shared securely without the extra step of removing the record from their vault later.

How One-Time Share benefits MSPs

Keeper’s One-Time Share feature provides significant benefits for Managed Service Providers (MSPs) in several key areas.

MSPs often need to collect sensitive credentials, API keys and configuration details from new clients. One-Time Share’s bidirectional functionality allows MSPs to securely request and receive this information without requiring clients to create Keeper accounts or use insecure methods like email. The time-limited access ensures credentials don’t remain accessible indefinitely.

During security incidents or outages, MSPs may need to quickly share temporary credentials or emergency access information with clients. This streamlines MSP operations while maintaining the high security standards their clients expect.

Secure data sharing, endless possibilities

Keeper continues to lead the charge in providing its customers with a variety of flexible and easy-to-use methods to share records without compromising security. 

The applications and use cases for these sharing methods are virtually endless. Any time you need to securely deliver data to external users, One-Time Share is the perfect choice. 

To learn more, check out our One-Time Share page in the End-User Guide.