Security is built into how HeftySend works, not bolted on afterwards. Here is what protects your files.
Encryption in transit
All files uploaded to and downloaded from HeftySend are transferred over encrypted HTTPS connections. This means the data travelling between your browser and our servers cannot be intercepted and read by anyone in between.
Unique, unguessable links
Every transfer gets a unique link generated from a random combination of characters. This makes it effectively impossible to guess a transfer link by trial and error. Only someone who has the exact link can access the files.
HeftySend does not index or list transfers anywhere publicly. The only way to access a transfer is through the direct link.
Optional password protection
For an extra layer of security, you can add a password to any transfer. Recipients need to enter the password before the download page is shown. This is especially useful for sensitive files where you want to make sure only the right people have access.
See Protecting your transfer with a password for more.
Automatic expiry
Transfers expire automatically based on the expiry date you set. Once expired, the link stops working and the files are removed from storage. This means sensitive files do not sit around indefinitely.
To control how long your transfers are available, see Setting expiry dates on your transfers.
Your account access
HeftySend uses magic link login, which means there is no password for your account that could be guessed or stolen. See Magic link login explained for how this works.