How does Dotjamr work?

You write a message, Dotjamr creates a one time link, and the message is deleted after it’s opened successfully.

Is my message encrypted?

Yes. Your message is encrypted in your browser before it’s sent. The link contains the key needed to decrypt it.

Can Dotjamr read my message?

No. The server stores encrypted text. Decryption happens in the recipient’s browser when they open the link.

What does one time access mean?

After the link is opened successfully, the encrypted message is deleted. If someone tries to open it again, it won’t be there.

What happens if the link expires?

If nobody opens the link before the expiry time, the message is deleted automatically.

Do I need an account?

No account, no inbox, no message history. Just create a link and share it.

Designed for one-time sharing

Security approach

DotJamr is built around a simple idea: the server should never see your message in plain text. Messages are encrypted in your browser, stored only as encrypted data, and removed after a successful read or expiry.

1) Encryption happens in your browser

When you create a message, your browser encrypts it before anything is sent. The server stores only the encrypted payload, never readable text.

2) Link mode

In Link mode, your browser generates a random encryption key. The decryption key is placed in the URL fragment (the part after #).

Browsers do not send the fragment to the server, which means the server cannot decrypt your message. Anyone with the full link can open it once.

3) Keyword mode

In Keyword mode, the encryption key is derived from a keyword you choose. The server never receives or stores this keyword.

Without the correct keyword, the encrypted message cannot be decrypted, even if someone has the link.

4) One-time access

When a recipient successfully retrieves the encrypted message, the server deletes it immediately. After that, the link will no longer return the message.

5) Expiry is enforced

If a link is not opened within the selected time window, it expires automatically. Expired messages are treated as unavailable and cannot be recovered.

What DotJamr protects against

Accidental persistence of sensitive notes in chat history or inboxes
Server-side access to plaintext messages
Re-reading the same message later via the same link
Access without the keyword in Keyword mode

What DotJamr does not protect against

Someone who already has the full link in Link mode
Someone who has both the link and keyword in Keyword mode
Screen capture, copy and paste, or a compromised device or browser
Sharing the link or keyword in a place where others can access them

Technical note

DotJamr uses modern, standard browser cryptography rather than custom algorithms. Messages are encrypted using AES-GCM, a widely trusted encryption standard.

In Keyword mode, the encryption key is derived from your chosen keyword using PBKDF2 with a high iteration count and a unique salt. This significantly increases resistance to brute force guessing.

All cryptographic operations run locally in your browser using the Web Crypto API. The server stores encrypted data only and does not have access to decryption keys.

Good sharing habits

Use Keyword mode for an extra layer of protection
Share the link and keyword via different channels where possible
Avoid posting links in group chats or ticket threads
Use shorter expiry times for more sensitive content

Create a new message