Three Ways to Share
Choose the sharing method that fits your security needs
Shareable Links
Generate secure links with optional passwords and expiration dates
Unique encrypted URLs
Optional password protection
Set expiration dates
Track access (Professional plan)
User-Based Sharing
Share directly with other Nygma users by email or username
End-to-end encrypted sharing
Permission management
Revoke access anytime
Shared folder support
Download Controls
Control whether recipients can download or only view files
View-only mode
Download restrictions
Watermark support (coming soon)
Screenshot prevention (mobile)
Granular Permission Control
Set exactly what recipients can do with your files
View Only
Recipient can view files but not download
Best For:
Client previews, confidential documents
Download
Recipient can view and download files
Best For:
Team collaboration, file delivery
Full Access
Recipient can view, download, and reshare
Best For:
Trusted partners, long-term collaborators
Built-In Security Features
Expiration Dates
Set automatic expiration for shared links. After expiration, link becomes invalid and files are no longer accessible.
Password Protection
Add an extra layer of security with password-protected shares. Recipient must know both the link and password.
Access Tracking
Monitor who accessed your shared files and when (Professional plan). Get notifications on first access.
Revoke Anytime
Changed your mind? Revoke access instantly. All active shares can be disabled with one click.
How Secure Link Sharing Works
Share Dialog
What you see in Nygma
How It Works
Behind the scenes, here's what happens
File Already Encrypted
Your file is already encrypted with your master key on your device
🔒 document.pdf.enc
Encrypted with AES-256-GCM
Generate Share Key
Create a unique encryption key specifically for this share
🔑 share_key: a7b3c9d2e5f1...
Unique per share, random 256-bit key
Embed Key in URL
Share key is embedded in the link fragment (after the #)
https://nygma.genie9.com/s/abc123#key=a7b3c9...
Server sees: /s/abc123
Cannot decrypt without key
URL fragment (after #) is never sent to the server
Server cannot see or access the decryption key
Recipient Decrypts
Recipient's browser extracts key from URL and decrypts in real-time
Browser decryption only
File decrypted client-side using key from URL fragment
Zero-Knowledge Maintained
The Nygma server never sees the decryption key because it's in the URL fragment (after #), which browsers never send to servers. All encryption and decryption happens in your browser, maintaining true zero-knowledge security even when sharing files.
Nygma vs Traditional File Sharing
| Feature | Nygma | Traditional Services |
|---|---|---|
| End-to-end encryption | ||
| Zero-knowledge sharing | ||
| Password protection | ||
| Expiration dates | ||
| View-only mode | ||
| Access tracking | ||
| Provider can see shared files | ||
| Can comply with data requests |