Self-Destructing Notes Explained

Most messages leave a trail. Emails sit in inboxes indefinitely. Slack messages are searchable for years. Even "deleted" texts often persist in backups. Self-destructing notes are a different approach — share a piece of information once, and then it's gone.

Here's how they work, why they matter, and when you should use one.

What is a self-destructing note?

A self-destructing note is an encrypted message that automatically deletes itself after a set condition is met — either after a certain amount of time has passed, or after it has been read a set number of times. Once that condition is triggered, the note is permanently and irreversibly deleted. There's no recovering it from a trash folder, no backup, no archive.

The concept has been around in spy thrillers for decades — think Mission Impossible's "this message will self-destruct in five seconds." The modern version is far less dramatic but considerably more practical.

How do self-destructing notes work technically?

The implementation varies by service, but a well-built self-destructing note system works like this:

1. You write your note and choose an expiry condition (time-based or view-based)
2. The note is encrypted — ideally in your browser before it's ever sent to a server
3. A unique link is generated containing the decryption key
4. When the recipient opens the link, the note is decrypted locally in their browser
5. The server deletes the note immediately after serving it

Time-based vs. view-based expiry

Most self-destructing note services offer one or both expiry modes:

Time-based expiry deletes the note after a set duration — 1 hour, 24 hours, 7 days, or 30 days — regardless of whether it was read. This is useful when you want to ensure information doesn't linger beyond a certain window, even if the recipient never opens it.

View-based expiry deletes the note after it has been read a specific number of times. A single-view note is the most private option — once your recipient reads it, the link is dead for everyone including you. Multi-view notes (3, 5, or 10 reads) are useful for sharing with small groups.

When should you use a self-destructing note?

Self-destructing notes aren't for every situation — they're a specific tool for specific needs. Here are the most common use cases:

• Sharing passwords or credentials — send a one-time link instead of a password in plain text over email or chat
• Sensitive personal information — social security numbers, bank account details, medical information
• Business information you don't want archived — internal details, client information, contract terms during negotiation
• Anything you'd prefer not to exist in someone's inbox permanently

What self-destructing notes don't protect against

It's worth being honest about the limits. A self-destructing note prevents the information from persisting on a server after it's been read. But it doesn't prevent:

• The recipient taking a screenshot before the note is deleted
• The recipient copying and pasting the content elsewhere
• Someone reading over the recipient's shoulder

Self-destructing notes are a strong tool for reducing information persistence and limiting exposure. They're not a guarantee against a determined recipient who wants to save the information.

Are self-destructing notes really private?

It depends entirely on the implementation. A service that encrypts notes client-side (in your browser), stores only the encrypted version, and never has access to the decryption key provides strong privacy guarantees. A service that stores notes in plaintext and just deletes them after reading provides much weaker guarantees.

The questions to ask any self-destructing note service: Is encryption client-side or server-side? Does the service have access to the decryption key? What metadata is logged?