The gap between "encrypted" and "gone"
An app can be encrypted and still hold onto everything you've ever typed — copied to every device you own, backed up, sitting there for years.
Encryption means your message is scrambled while it travels, so no one can read it in transit. It says nothing about whether the message still exists once it arrives. Most secure apps encrypt the message in transit, then quietly save it anyway — in your chat history, in a backup, in whatever data they use to keep you engaged.
That's not a flaw in the encryption. It's a separate decision about what happens after delivery. For most apps, keeping everything is the default — not something you opted into.
- 📊 Chat history helps apps show more relevant ads
- 🔁 Deleting your account usually doesn't delete what you already sent
- 🗄️ Retained messages are easier to hand over if legally required
- 📱 Cross-device sync and cloud backups both need a permanent copy somewhere
What "end-to-end encrypted" actually covers
End-to-end encryption means the message is locked on your device and only unlocked on the recipient's — the company relaying it in between can't read the contents. That's a real, meaningful protection. But it only covers the trip. It says nothing about the copy sitting in your chat history, or the unencrypted version a cloud backup might store separately. Two apps can both be "end-to-end encrypted" and differ completely on what happens to the message five minutes after it's read.
Four things people mix up when they say "encrypted chat"
Search "encrypted chat" and the results span very different products. Here's the difference:
Why "nothing kept" is rare
It's not a technical limitation. A message can wait just long enough to reach an offline recipient, then get discarded — holding something briefly isn't the same as keeping it permanently. The more common reason apps retain everything is business, not architecture: stored messages are worth something, for ads, engagement, or having something to hand over if requested. An app that stores nothing has nothing to sell and nothing to hand over.
Why skip the account entirely
Most chat apps tie every conversation to an identity — a phone number, an email, a login that persists across every room you've ever joined. That identity is itself a stored asset, separate from message content: it links your device to every conversation you've had, and it's what a subpoena or breach actually targets. A room with no account isn't just faster to join — there's no persistent identity for a leak or legal request to attach the conversation to in the first place.
When you want messages that disappear
- 🗑️ No record should exist at all — legal, medical, financial, or personal conversations where the safest copy is no copy
- 👤 No account should be attached to the conversation — nothing to get hacked, subpoenaed, or leaked later
- ⏱️ The conversation only matters in the moment — logistics, a negotiation, a decision with no value once it's made
- 🧯 A single action should wipe the conversation for everyone — not a timer that has to be remembered
When it's the wrong tool
- 📚 Old messages need to be searchable months later — turn saving on, or use an app built for that
- 🔄 The same conversation needs to sync across devices for months — apps like Signal are built for that
- 📋 Messages need to be retained for work or legal reasons — disappearing messages are the opposite of that
- ⏳ The recipient might not check the app for days — turn saving on for that conversation
How DayJabber does it
Every room creates a new key exchange in the browser, and the message is encrypted before it leaves the device. DayJabber's servers only ever receive the encrypted version. Nothing is saved unless saving is turned on, and Wipeout instantly clears the whole room for everyone in it, any time.
Locked from the moment you hit send
The message is encrypted before it leaves your device — nothing to turn on, it's the default.
Nothing kept, unless you say so
Messages aren't saved anywhere unless that's turned on. Wipeout clears messages in a room for everyone in it, instantly.
No sign-up required
No email, no phone number, no account. A room name, a password, and a display name — that's it.
You decide what's saved
Anything that reduces privacy is opt-in and clearly labeled. Never on by default.