Send Secrets via WordPress

Make sure confidential information like passwords you send to clients are secure and can only be used once!

Sending confidential information is a potential security risk

Research suggests that the average person has between 25 and 35 unique login credentials they need to remember. No wonder that nearly 40% of people forget a password at least once each week.

You as well might send passwords or confidential information to clients, most likely by email. This is the dream for hacker. When a hacker gains access to your inbox or the inbox of your client, you’ve got a problem.

For this purpose we developed the Send Secrets via WordPress plugin. This plugin lets you send confidential information like passwords to any email address, and the information will be destroyed right after the credentials have been displayed once. And to make it even more secure, we don’t store your secrets into your WordPress database. Instead we store it in our own highly secure PostgreSQL database.

Create an account in our dashboard

Please sign up or log into our dashboard. Signing up is free and you only need to have an email address.

Generate an API key for your website

After you have signed in please create a new API key. When you create a API key our dashboard will generate an API token for you.

  • Log in
  • Click “API keys
  • The domain field must be correct, including the protocol (https). We validate if the plugin operates from the domain you fill in here
  • Click on “Generate API token”

After completing these steps you return to the dashboard where you see the websites you have added. To get the API key, click on the “input bar”. This should reveal the API token which you can copy.

 

 

 

Connect your website to the Send Secrets plugin

Every website can be assigned to one or more plugins, so you can keep track of the credit usage.

  • Click on “Plugins
  • In the overview with available plugins, go to the plugin called “Send Secrets Via WordPress” and click “Add/remove plugin

Install the Send Secrets via WordPress plugin

  • Download the plugin
  • Install the plugin into your WordPress site
  • Activate the plugin

 

 

 

Create the "revealing secrets" page

The plugin will show the secret you have shared with your client on a page you have to create first. This way you can personalize it compleetly to your liking.

  • In the top menu hover “new” and select “page”
  • Design the page as you like
  • Include the shortcode [reveal_secret] where you would like to “revealing secrets”
  • Copy the “slug”, the slug is the path WordPress creates to the page you created, for example “/secret-revealing-page”

Fill in the required information into the plugin settings

  • In the left menu click on “Send Secrets”
  • Scroll down to the section “Settings”
  • Copy paste the API token created in step 2
  • Copy paste the slug created in step 5
  • Click on “Update”
  • You can also customize the “email settings” and “translations”

That’s it! You’re ready to send secrets.

 

 

 

Customize the "from" headers (optional)

By default the application will send from: “Send Secrets <sendsecrets@kaboom.website>” you can change this to your liking.

  • Go to your DNS provider (GoDaddy for example)
  • Log in at your DNS provider
  • Go to “change DNS settings” or “change Domain Settings”
  • Check if you have a SPF record allready, a SPF record is into a TXT record.
  • If you don’t have a SPF record:
    Add a TXT record with the following content: “v=spf1 ip4:188.166.35.187 ~all
  • If you already have a SPF record:
    Add this to the exsisting SPF record: “ip4:188.166.35.187”. Make sure this is after “v=spf1” and before “all”.

What does the Send Secrets via WordPress plugin have to offer?

~

Send confidential information from your WordPress admin panel

After installing the plugin, you will see a new menu item pop up in your WordPress dashboard called “Send Secrets”

Customize the "Reveal Secret" page

The “Reveal Secret” page is the page where the client will receive the secret. This plugin comes with a short code which will load the tool to show your confidential information to your client anywhere you please. This makes it possible to create a beautiful page and includes the password unlocking tool.

The only thing you need to do is create a page and put the short code ([reveal_secret]) anywhere and lastly let the plugin know on what URL that page is available.

Example of the “Reveal Secret” page.

Translate all information your client can see

You can translate the “reveal secret” and the email the client will receive.

Limit what site can use the plugin

Before you can send confidential information, you need to generate an API token. You do so by “Creating Sites”.

You can easily switch plugins on and off per domain in the Kaboom web-app.

Also you can manage how many credits are used and by what site.

Pricing

Send Secrets for only 1 credit

At Kaboom we work with credits, if you use our plugins more, you contribute more to keep developing the best plugins we can.

Every new member gets 25 free credits to get you started.

What is the revenue for?

  • Constantly improving our plugins
  • Make sure spammers don’t use our plugins

Download

Download the Send Secrets for WordPress plugin for free. This plugin has been used:

Version: 1.0.5

Frequently Asked Questions

Do I get free credits?

If you sign up you get 25 free credits.

Can credits be refunded?

No, credits purchased once cannot be refunded.

What is the revenue for?
  • Constantly improve our plugins
  • Make sure spammers don’t use our plugins

Error codes

Encounter an error?

ERROR 001

Complete error message: ERROR 001: API key not valid.

This error suggest that the API key filled in into step 6 isn’t valid.

ERROR 002

Complete error message: ERROR 002: The domain used for the post request is not the same as set in your site settings @ https://app.kaboom.website.

This error suggest that the domain name setup at the Kaboom dashboard is different than the domain where the plugin is used at. The domain is set up while generating a API token as described in step 2.

ERROR 003

Complete message: ERROR 003: Not enough credits to send secret.

This error suggest that you don’t have enough credits left into your account. Please consider to purchase credits.

ERROR 004

Complete message: ERROR 004: This plugin is not activated for this API token.

This error suggest that you didn’t activate the Send Secrets via WordPress plugin for your site. How to do this is described in step 3.

ERROR 005

Complete message: ERROR 005: Password not valid!

This error suggest that the password provided by the client does not match the password in our database.

ERROR 006

Complete message: ERROR 006: The domain used for receiving the password is not the same as set in your site settings @ https://app.kaboom.website.

This error suggest that the domain name setup at the Kaboom dashboard is different than the domain where the plugin is used at. The domain is set up while generating a API token as described in step 2.