- End-to-end encryption with key in the fragment (#), which does not travel to the server.
- Lifetime control: deletion, expiration, and maximum access; up to 500 MB (100 MB on mobile).
- Advanced Privacy: Optional password, hide email, and manual text visibility.
- Available on web, extension, desktop, mobile, and CLI; no account for the recipient.
Sharing sensitive information shouldn't be a leap of faith: family passwords, legal documents, tax information, or WiFi passwords They need a secure channel that doesn't remain in the hands of third parties forever. That's where Bitwarden Send, a utility designed to send text or files with end-to-end encryption, expiration options, and fine-grained access controls.
In this article, you'll find a complete and practical guide on what Bitwarden Send is, how it works, and how to use it on the web, the browser extension, desktop, mobile, and even from the command line. The idea is that you can Share with peace of mind, limit exposure, and maintain control down to the last detail, no matter which channel you use to share the link.
What is Bitwarden Send and what is it used for?
Bitwarden Send is a secure and ephemeral way to transmit content that can be text (up to 1000 encrypted characters) or files (up to 500 MB, or 100 MB on mobile)Each submission generates a random link that you can share with anyone, even if they don't have a Bitwarden account, via any channel you prefer: email, messaging, SMS, etc.
The beauty of it is that each Send is designed to disappear when you decide: expires, is deleted and/or is no longer available depending on the settings you select. This prevents your information from being "perpetually" stored in inboxes or chats over which you have no control.
In addition, the content goes end-to-end encryption From the outset, it is stored in Bitwarden's systems in encrypted form as a vault item, and the link contains no human-readable information about what you share. In other words, Bitwarden doesn't know the content and neither do the intermediaries that carry the link.
The use case ranges from sending a WiFi key or a one-time password, to transfer a contract or a PDF with personal dataCompared to unencrypted email (which is still plain text in too many cases), Bitwarden Send provides that extra bit of privacy that's sorely lacking in everyday exchanges.
Encryption, links, and how it works under the hood
When you create a Send, the client generates a link that includes, after the fragment or hash (#), two pieces: the shipment identifier and the key needed to decrypt it. This design is very well thought out because, as Mozilla's documentation explains, the part after # is never sent to the server.
In practice, a link might look like this: https://send.bitwarden.com/#ID/CLAVE. It can also automatically resolve to https://vault.bitwarden.com/#/send/…, and if you self-host, it will have the domain you use, for example https://tu.dominio.autohospedado/#/send/…This structure ensures that the server never sees the key.
The simplified flow is: the client requests the metadata of the Send, the server responds with the encrypted blob, and The browser decrypts locally thanks to the key present in the fragmentWithout that key, the content is useless. Bitwarden Send, by design, has zero knowledge of the content.
Keep in mind an important caveat: the link itself grants full access to the Send while it's active. This means that if someone intercepts the link, they could view it. That's why it's highly recommended. Protect the Send with a password and send it through a different channel (for example, link by email and password by SMS or call).
Privacy and expiration controls
Bitwarden Send is flexible enough to tailor privacy to your needs. You can define a elimination period (after which the contents are completely purged), a expiration date (when the link stops working but the Send remains in your vault, available on web and desktop apps) and a maximum number of accesses (to limit how many times it can be opened).
By default, shipments are scheduled to be deleted after 7 days, although you can change this. In any case, the maximum shelf life is 31 daysThis ephemeral behavior reduces the exposure surface and prevents information from wandering indefinitely across third-party services.
At the extra privacy level, you have the option to hide your email to the recipient and to protect the link with a passwordFor text messages, you can require the recipient to click "show" to avoid prying eyes over your shoulder (the classic "shoulder surfing").
If a relevant lifecycle event occurs (for example, the link expires or the maximum number of hits is reached), in the Send view you will see status icons They clearly indicate this to you. This makes it easy to keep track without having to remember dates.
Create and share a Send on web, extension, desktop, and mobile
The basic flow is always the same: first you create the Send with the privacy options you need, and then, copy the link to share it through the channel of your choice. The Send view is available in all Bitwarden apps and is accessed from the navigation.
Web: Go to the web app, go to “Send” and tap “New Send”. Choose Text or File, assign a recognizable name, and adjust options such as deletion, expiration, maximum access, password, notes, or hiding the email. Save it, and from the sending options menu, copy the link to spread it.
Browser extension: Open the “Send” tab, click “New,” and select Text or File. Define the name and content, and expand “Options” if desired. change default deletion (7 days), set expiration, access limit, password, etc. When you save, you can copy the link immediately or later from the Send view.
Desktop: In the desktop app, go to the Send tab and tap the add icon. Fill in the right panel with Name and Type (Text or File), adjust the options, and save. Then, use "Copy Link" and share it however you like: email, chat, text, etc.
Mobile: On iOS or Android, go to the Send tab and tap “Add.” Fill in the fields, open “Additional Options” as needed, and save. When you create the send, your mobile system will automatically will show you the sharing menu and you can easily resend the link. Remember that on mobile, the file limit is 100 MB.
CLI: If you're working with a terminal, you can also create submissions from the command line. Example commands to generate Send text or file and set a deletion date X days in advance. This is useful for automating tasks or integrating into internal scripts.
As a practical detail, on the desktop you can check the box to copy the link when saving, so you don't have to go back to the tab to retrieve it. It's a small thing, but it speeds things up a lot when you send multiple items in a row.
Receiving a Send: What the recipient sees and what they should check
One of the advantages of Bitwarden Send is that the recipient doesn't need a Bitwarden account. The link is enough to open the content. as long as it remains active and meets the conditions that you have configured (password, access, expiration…).
Depending on what you mark, the recipient may need to enter a password, manually confirm that you want to see the text (so as not to display it all at once on the screen) or simply download/open the file. If the upload requires a password, remember to communicate it through a different channel to the one in the link.
By default, emails display the sender's email address. If you choose to hide it, Bitwarden will display a generic warning. In that case, the advice for the recipient is clear: validate with the sender by another means that the link is correct and that the reception was planned.
Verification best practices: If you were expecting the Send, confirm with the sender that the URL matches; if it's unexpected, try to identify the supposed sender first; and if you can't confirm it, avoid interacting with the linkWhen a Send is deleted, expired, or disabled, opening it will display a screen indicating that it no longer exists or is unavailable.
Fine details of the link and practical security
Going a little deeper into the link: after the hash (#) appears the SendID and keyThe first identifies the transmission, and the second allows its contents to be decrypted locally in the browser. The server handles encrypted storage and minimal metadata, but never receives the key.
This "snippet/key on client" approach means that the link contains all the information needed for access. Therefore, there are two golden rules: password protect and send it through a different channel; and limit the lifetime and number of accesses. This way, even if the link remains in an inbox that is later leaked, it won't work anymore because the submission will have been deleted or expired.
Another advantage is that when you configure expiration or deletion, you can make them match your internal policies. For example, if a process requires 14-day purge, is set as deleted; if you'd prefer to keep the submission visible in your vault but inactive to others, you can set an expiration date (available on web and desktop).
And if you work with multiple platforms, remember the limits: 500 MB for files on web/desktop and 100 MB on mobileIf the file is larger, it's a good idea to use a secure transfer option or split it before attaching it.
Bitwarden Send fills the “send now, forget later” gap with a solid approach: End-to-end encryption, fragment that does not travel to the server, optional passwords, expiration and purgingWhether it's email, Slack, SMS, or whatever you use, you're in control, and that makes all the difference when it comes to sensitive data.
Editor specialized in technology and internet issues with more than ten years of experience in different digital media. I have worked as an editor and content creator for e-commerce, communication, online marketing and advertising companies. I have also written on economics, finance and other sectors websites. My work is also my passion. Now, through my articles in Tecnobits, I try to explore all the news and new opportunities that the world of technology offers us every day to improve our lives.