RelicRELIC
Copy and paste across devices

Pastebin alternatives, by what you actually need

Pastebin is quick, but the default is public, and public means scraped. If you paste anything you would not post on a billboard, a different tool fits better. This is a Pastebin alternative for each real need: code you want kept, a secret meant for one person, or a paste that vanishes on its own.

Jordan Gibbs July 10, 2026 8 min read

Pastebin has been the reflex for two decades. You dump some text, you get a link, you send the link. That is genuinely useful, and for throwaway snippets that were never sensitive, it is fine. The trouble starts when people treat it as a private drop box, which it was never built to be. A public paste is indexed, crawlable, and fair game for scrapers. If you have ever pasted a config file, a stack trace with a token in it, or a chunk of a private repo, it may not have stayed as private as it felt.

There is now a right tool for each version of the job. Below is why people move off Pastebin, then the alternatives grouped by what you actually need, with the trade-offs stated plainly rather than a leaderboard. Each one earns its place by being better at a specific thing than Pastebin is.

Why people leave Pastebin

The reasons cluster into four honest complaints, and each one points at a different replacement.

  • Public by default. A standard paste is visible to anyone with the link, and Pastebin keeps a public archive. That is the whole point for sharing publicly, and a real hazard the moment you paste something you assumed only your teammate would see.
  • Scraping bots. Public paste sites are a well-known hunting ground for automated scrapers looking for leaked API keys, database credentials, tokens and passwords. Security researchers and attackers both monitor them. A secret pasted to a public URL can be harvested within minutes, long before you remember to delete it.
  • Ads and friction. The free experience is ad-supported, and the cleaner features sit behind Pastebin Pro. Not a dealbreaker, but a nudge to look around.
  • Retention you do not control tightly. You can set an expiry, but the default is often to keep the paste, and a public paste that lingers is a public paste that keeps getting crawled.
The single most important habit: never paste a live secret into anything public, even “just for a minute.” If a credential touches a public paste, treat it as compromised and rotate it. That rule holds no matter which tool you pick below.

For code you want to keep: GitHub Gist

If the thing you are pasting is code, and you might want it again, a GitHub Gistis the natural home. A gist is a small Git repository, so every edit is versioned and you can view the history. Gists can be public (discoverable, indexed, listed on your profile) or secret. A secret gist is unlisted and unindexed, but anyone with the link can still open it, so “secret” here means unlisted, not encrypted.

The trade-off is that a gist ties the snippet to your GitHub account and is not designed to disappear. That is exactly what you want for a reusable snippet or a bug reproduction you will reference again, and exactly what you do not want for a one-time secret. Reach for gists when the value is in keeping the code, not hiding it.

For genuinely private pastes: PrivateBin

PrivateBin is the reference point for private pasting. It is open-source, and the server stores only ciphertext: your paste is encrypted in the browser, and the decryption key lives in the part of the URL after the # symbol, which browsers do not send to the server. The operator of the instance cannot read your paste. You can set it to expire, and to burn after a single read.

The catch is trust and effort. You are relying on whoever runs that PrivateBin instance to run the real, unmodified software, so the strongest setup is to self-host your own. If you have a server and want a private pastebin you fully control, PrivateBin is the answer. If you do not, a hosted instance is still a large improvement over a public paste, as long as you trust the operator.

For something that vanishes: 0x0.st and ephemeral hosts

Sometimes you do not need encryption, you need the paste to not stick around. Minimalist services like 0x0.st and similar temporary file hosts let you push text or a file from the command line and get a short URL back, with the content aging out after a period that depends on its size. No account, no ceremony.

These are excellent for a log you need a colleague to glance at in the next hour, and a poor fit for anything secret, because the link is still an unauthenticated public URL for as long as it lives. Use them as a fast, disposable drop. Read each service’s retention and acceptable-use rules before leaning on it, since small hosts change or disappear.

Inside a company: internal wikis and snippet stores

If the paste only ever needs to reach coworkers, the safest place is usually somewhere the public internet cannot reach at all. Most teams already run one: a self-hosted GitLab or Gitea with its own snippets feature, an internal wiki, or a private channel in your chat tool. Access is tied to your existing accounts and permissions, and nothing leaks to a public URL.

It is less convenient than a one-click public paste, which is precisely the point. For work data, the extra step of putting it behind your company’s login is what keeps it safe, and that is worth the friction.

For a one-time secret or quick scratch: Relic’s free tools

Two of the free tools we built cover the two cases Pastebin handles worst. Neither needs an account.

A secret for exactly one person

When the thing you are sharing is a password, an API key or a private message, use a one-time note instead of a paste. Our private note tool encrypts the text in your browser with AES-256, uploads only the ciphertext, and puts the key in the link fragment so it never reaches the server. The link opens once, then the note is deleted. It is the same encrypt-on-your-device, key-in-the-fragment model as PrivateBin, with nothing to set up. If it is specifically a password you are moving, how to send a password securely compares the safe methods.

A scratchpad that never leaves your machine

If you were only using Pastebin as a place to park text for yourself, you do not need a URL at all. Our online notepad auto-saves to your own browser and never sends the text anywhere, so it survives a refresh without ever touching a server. It is the local-only version of a scratch paste.

The comparison, at a glance

Match the row to what you are protecting. Encryption means the operator cannot read the content. Expiry control means you decide when it is gone. Self-hostable means you can run it yourself and trust no one else.

Private notePrivateBinGitHub Gist0x0.stPastebin
Encrypted (operator can't read)
Expiry / burn control
Self-hostable
No account needed
Best forOne-time secretPrivate pasteReusable codeDisposable dropPublic snippet

So which one?

  • Reusable code or a bug repro: a GitHub Gist, secret if it should not be listed.
  • A private paste you fully control: self-hosted PrivateBin.
  • A password or key for one person, once: an encrypted one-time note.
  • A log to glance at and forget: an ephemeral host like 0x0.st.
  • Anything work-related: your team’s internal wiki or snippet store.
  • Truly public sharing: Pastebin is still fine. Just never for secrets.

The one line to remember: let what you are protecting pick the tool for you. Public paste sites are great at being public. For everything else, one of the options above fits better.

Written by
Jordan GibbsFounder, Relic

Jordan Gibbs is the founder of Relic, an end-to-end encrypted, permanent, searchable memory for everything you copy. He writes widely about AI, agents, and practical tooling on Medium, where he is read by tens of thousands, and builds privacy-first software. Here he covers how everyday tools like the clipboard actually work, and how to use them without handing your data to someone else.

MediumGitHubLinkedIn
Part of
Copy and paste across devices
Keep reading
Pillar·8 min

How to copy and paste between your phone and computer

You copy a link on your phone and want it on your laptop, or the other way around. The real ways to move text between phone and computer, on every platform pairing.

Read
6 min

How to send a link from your phone to your computer

Getting a single link from your phone to your computer should take seconds. The quickest methods on iPhone and Android, and the reliable fallback when they fail.

Read
6 min

Universal Clipboard not working

Universal Clipboard relies on a stack of settings all being right at once, so one wrong toggle breaks it. A checklist to fix copy and paste between Mac and iPhone.

Read
privacysecuritycomparison