Encrypted in your browser before upload.
No account needed.
Drop files to encrypt & share
Any format · Any size · Unlimited storage
Every decision we make starts with: can the server read this? The answer is always no.
Encryption runs entirely in your browser via WebCrypto. The server only ever receives ciphertext it cannot open.
Zero-knowledgeDecryption keys live only in the #fragment — browsers never transmit it to the server. Invisible by design.
Files never fully load into memory. FSZK streaming processes in 512 KB chunks — flat RAM use, any file size.
Time limits, download count limits, or single-view burn. Files are cryptographically deleted when limits hit.
Send directly device-to-device — nothing stored on our servers. Best for when both parties are online simultaneously.
Bundle any number of files into one encrypted link — all client-side. No zip required. One link, one decrypt.
Encryption runs entirely in your browser via WebCrypto. The server only ever receives ciphertext it cannot open.
Zero-knowledgeDecryption keys live only in the #fragment — browsers never transmit it to the server.
Files never fully load into memory. FSZK streaming processes in 512 KB chunks — flat RAM use, any file size.
Time limits, download count limits, or single-view burn. Files are cryptographically deleted when limits hit.
Send directly device-to-device — nothing stored on our servers. Best for when both parties are online simultaneously.
Bundle any number of files into one encrypted link — all client-side. No zip required. One link, one decrypt.
Any format, any size. No compression. Drag&drop or click to browse.
A 256-bit AES key is generated locally. PBKDF2 derives the key. Encrypts chunk-by-chunk before the first byte uploads.
The decryption key lives in the URL fragment — invisible to servers. Anyone with the link decrypts instantly in their browser.
Every claim is verifiable. Full implementation documented in the Security Whitepaper.
Every plan includes zero-knowledge encryption and unlimited storage. No credit card required.
forever
per month
per month
per month
No account needed. No credit card. Start uploading in seconds.
FileShot uses AES-256-GCM encryption directly in your browser before any data leaves your device. The encryption key is derived from your password using PBKDF2-SHA256 with 100,000 iterations, then combined with a random salt to produce a unique key per file. The server receives only ciphertext � it never sees the key and cannot decrypt the file under any circumstances. This architecture is called zero-knowledge encryption.
No account is required to upload and share files on FileShot. You can drag and drop a file, set an optional password and expiry, and get a shareable link instantly � no signup, no email address, no credit card. Creating a free account allows you to manage your files, view download analytics, and access advanced features like custom links, but it is entirely optional.
Free users can upload files up to 50 GB per file with unlimited total storage. Lite plan users can upload up to 100 GB per file. Pro plan users can upload up to 250 GB per file. Creator plan users have unlimited file size. All plans include unlimited storage � there is no cap on total files or total gigabytes stored.
Free files are kept for up to 180 days from the last access. You can also set shorter expiry periods � such as after a specific number of downloads or a set number of days � at upload time. Paid plans (Lite and above) allow unlimited expiry, meaning files remain available indefinitely until you choose to delete them. Files can always be manually deleted from your dashboard at any time.
Password protection is optional. If you set a password at upload time, the recipient must enter it to access and download the file � the password is required to derive the decryption key in their browser. If you share files without a password, anyone with the link can download immediately. For sensitive documents, using a password and sharing it through a separate channel (such as a message) provides the strongest security.
FileShot's zero-knowledge encryption model is well-suited for sharing sensitive documents such as legal contracts, financial records, medical records, and intellectual property. Because the server never holds the decryption key, a potential server breach cannot expose the contents of your files. Organizations with compliance requirements (HIPAA, GDPR, FINRA) may find FileShot's architecture advantageous. See the Security Whitepaper for full technical details and the use case pages for industry-specific guidance.