Sharing passwords safely — why 'just text it' is the wrong default

Sharing credentials — the Netflix password, the shared utility account, the Wi-Fi key, a temporary API credential — is one of the most common real-world password management actions. It is also one of the most routinely done insecurely: passwords texted over SMS, shared via email, sent in Slack DMs, or read aloud over the phone. Each of these methods leaves the credential in plaintext in a communication log that may persist for years and may be accessible to parties beyond the intended recipient.

Password managers provide secure sharing mechanisms, but these mechanisms differ significantly between providers. Some require the recipient to have an account on the same service. Some allow time-limited anonymous link sharing. Some restrict sharing to organisation members. Understanding the available mechanisms — and their limitations — changes how you approach the credential-sharing problem.

The fundamental sharing security requirement is: the credential should not pass through any system where it exists in plaintext that either party didn't explicitly create. End-to-end encryption between sender and recipient, without a readable copy in transit, is the standard.

The assumption 'WhatsApp is end-to-end encrypted so it is safe for password sharing' is partially correct. WhatsApp uses end-to-end encryption for message content. The password is not stored in plaintext on WhatsApp's servers. But it may be stored in plaintext in: the recipient's phone backup (if iCloud or Google Drive backup includes WhatsApp chats and is not encrypted); the sender's backup; any device the conversation is accessed on that has been compromised; and the chat history, which persists indefinitely unless actively deleted. For temporary credentials, this persistence is fine; for long-term high-value credentials, it is not.

A second assumption is that sharing via a password manager requires both parties to have accounts. This is true for most providers but false for Keeper (One-Time Share sends a time-limited encrypted link to anyone) and Proton Pass (secure link sharing without recipient account). Bitwarden Send allows encrypted text and file sharing with anyone — no account required on the recipient's side. These mechanisms provide genuinely secure sharing to non-users.

A third assumption is that access revocation after sharing is not important for personal credentials. For household accounts, this is often correct — the Netflix password shared with a partner doesn't need audit logging. For shared professional or financial accounts, revoking access when a relationship changes (a contractor leaves, a family member moves out) is a genuine security requirement that 'just text it' doesn't support.

The secure sharing mechanisms in this comparison: Bitwarden Send (encrypted text or file sharing via link, no recipient account required; available on all plans); Keeper One-Time Share (encrypted credential link, time-limited, no recipient account required); Proton Pass secure link (encrypted sharing link without recipient account). All three provide end-to-end encrypted sharing to non-users.

For persistent credential sharing within an organisation or family — shared vaults with role-based permissions are more appropriate than one-time links. Bitwarden organisations, Keeper folders, and Dashlane team sharing all support ongoing shared access with the ability to revoke access when needed.

The access revocation question is worth addressing explicitly: sharing via messaging (SMS, Signal, WhatsApp) transfers the credential to the recipient permanently with no mechanism to invalidate it. Sharing via a password manager's mechanism allows removing the recipient's access from the vault side. For credentials that change infrequently, this may not matter practically; for credentials where revocation is a genuine requirement, it does.

Secure sharing mechanisms protect credentials in transit. They do not protect against the recipient making insecure copies — screenshots, copy-paste to a notes app, or simply writing the credential down. Secure sharing transfers secure delivery responsibility from the sender to the recipient after handoff.