ZeroTwo’s sharing feature creates fully public links with no access control. Before you share, understand what that means and what to check.
The key thing to know
Shared links are public by default. Anyone with the URL can view the content — no ZeroTwo account, no password, no login required. There is no way to restrict access to specific people or require authentication.
No notifications, no analytics
You are not notified when someone views your shared link. ZeroTwo does not track view counts, viewer identities, or access times. Once you create a link, you have no visibility into who uses it.
Links are permanent until revoked
Shared links do not expire automatically. A link you create today will remain active indefinitely unless you explicitly revoke it in Settings → Data Controls → Shared Links.
If you share something temporarily (e.g., for a one-time review), you need to manually revoke it when you’re done.
What to check before sharing a chat
Before sharing a conversation, scan the entire thread for:
- Credentials and secrets — passwords, API keys, access tokens, private keys, database connection strings
- Personal information — full names with addresses, phone numbers, email addresses, ID numbers
- Confidential business data — financials, unreleased product plans, M&A details, internal strategy, pricing structures
- Third-party information — details about people who didn’t consent to having their information shared publicly
- Medical or financial information — health conditions, insurance details, banking or investment data
- Legal information — attorney communications, contracts under NDA
Use the “Share from here” option to share only the relevant portion of a long chat, rather than the entire thread. This limits exposure to earlier messages that may contain sensitive context.
What to check before sharing a canvas
Canvas documents often contain more structured, dense information. In addition to the personal and business data checks above, specifically look for:
- API keys or tokens in code blocks — easy to miss when reviewing code
- Database credentials — connection strings, usernames, passwords
- Environment variables —
.env values, config files with secrets
- Internal URLs or hostnames — internal infrastructure identifiers
- Proprietary algorithms or business logic — code that represents competitive IP
Deleting content does not auto-revoke
If you delete a chat or canvas that has an active shared link, the link is dead — but it is not automatically revoked from your Shared Links list. The same is true in reverse: revoking a link doesn’t delete the underlying chat.
Best practice: revoke a share link explicitly before or when you delete the associated content.
Business plan note
On the Business plan, organization administrators may have access to information about shared links created by members, in accordance with your organization’s data policy. Check with your IT or security team to understand your organization’s specific policies around sharing.
Best practices
| Practice | Why it matters |
|---|
| Revoke links when done | Prevents ongoing access to content that’s no longer meant to be public |
| Don’t share chats with secrets | Credentials shared in chat are visible to anyone with the URL |
| Use “Share from here” for long chats | Limits exposure to only the relevant part of the conversation |
| Audit your shared links periodically | Catch and revoke forgotten links before they become a problem |
| Revoke before deleting content | Keeps your Shared Links list accurate and avoids orphaned entries |
| Think twice before sharing with sensitive context | Conversations that touch on business strategy, finances, or personal data should rarely be shared publicly |
How to audit and clean up
- Go to Settings → Data Controls → Shared Links
- Review all active links — check when each was created and what it points to
- Revoke any link that:
- You no longer need to be active
- Points to content that may have contained sensitive information
- You don’t recognize or can’t recall creating
- Click Revoke All if you want to clear everything and start fresh
