10 Things You Should Never Send Over Regular Chat Apps
March 20, 2026
Chat apps are convenient. Whether it's WhatsApp, Telegram, Slack, iMessage, or Facebook Messenger, we use them every day to communicate quickly with friends, family, and coworkers. But that convenience comes with a cost that most people don't think about until something goes wrong.
The problem is not that these apps are necessarily insecure in transit. Many of them use encryption while your message travels from your phone to the recipient's. The real problem is what happens after the message arrives: it sits there. In a chat history. On multiple devices. Backed up to the cloud. Searchable. Accessible to anyone who picks up the phone, guesses the PIN, or gets into the account.
Some things are simply too sensitive to leave a permanent record of. Here are ten categories of information you should never send through a regular chat app.
1. Passwords
This is the most obvious one, and yet it happens constantly. Someone needs to share a Netflix login, a work account credential, or a Wi-Fi password, and they just type it into a chat message.
That password now lives in the chat history of both parties, on every device they use, and possibly in a cloud backup. If either account is ever compromised, every password ever sent through that chat is exposed. And since most people reuse passwords, one leaked credential can cascade into many breached accounts.
The safer alternative is to use a self-destructing note. Paste the password into a tool like selfdestructingnotes.org, send the one-time link over chat instead, and the actual password never touches the chat history at all. Once the recipient opens it, the note is gone permanently.
2. Credit Card Numbers
Sending your card number, expiration date, and CVV over chat is essentially writing that information on a sticky note and leaving it on your desk forever. Chat logs are rarely cleaned up. If you send your card details to help a family member make a purchase, that information might still be sitting in their inbox years later.
If you must share payment details with someone you trust, use a self-destructing note or, better yet, make the purchase yourself and have them pay you back.
3. Social Security Numbers and National ID Numbers
Your Social Security number, passport number, or national ID is the skeleton key to your identity. With it, someone can open credit accounts in your name, file fraudulent tax returns, or impersonate you in legal or medical contexts.
Yet people send these over chat all the time, usually in a rush, usually thinking it's fine just this once. It only takes one compromised device or account for that number to end up in the wrong hands. There is no good reason to send it over a chat app.
4. Bank Account Details
Account numbers and routing numbers sent over chat are a gift to anyone who manages to access either party's messages. With those two numbers, a fraudster can set up unauthorized direct debits or attempt wire transfers. Unlike credit card fraud, bank account fraud is often harder to reverse and can take weeks to resolve.
If you need to share account details for a legitimate payment, use your bank's secure messaging system or share the information verbally over a phone call.
5. Private Medical Information
Health information is deeply personal. Sharing a diagnosis, test result, prescription detail, or medical history over chat might feel natural in the moment, especially with close family. But that information now exists in a chat log that could be accessed by a third party, subpoenaed in a legal dispute, or simply read by someone who picks up the phone.
In many countries, medical privacy is protected by law precisely because of how sensitive this information is. Treat it accordingly.
6. Two-Factor Authentication Codes
One-time codes sent by SMS or generated by an authenticator app are specifically designed to be used once and immediately discarded. Forwarding them over chat defeats the purpose entirely.
Beyond that, if someone is asking you to send them a 2FA code over chat, that is a major red flag. Legitimate services will never ask you to forward a one-time code to another person. This is a common social engineering tactic used in account takeover scams.
7. Private Photos and Videos
Once you send a photo or video through a chat app, you lose control over it completely. The recipient can screenshot it, forward it, save it, or back it up to cloud storage. Even apps that claim to offer disappearing photos, like Snapchat, cannot prevent a simple screenshot.
This applies to any private image, not just intimate ones. Photos of documents, handwritten notes, or anything containing sensitive visual information should be shared through more controlled channels if they need to be shared at all.
8. Legal Documents and Contracts
Sending a signed contract, legal agreement, or sensitive legal correspondence over a consumer chat app is risky in several ways. These files can be forwarded without your knowledge, stored in the recipient's cloud backup, or accessed during a legal dispute. Consumer chat apps have no confidentiality protections equivalent to, say, a lawyer's secure client portal.
For legal documents, use encrypted file transfer services or the secure systems provided by your legal counsel.
9. Confidential Work Information
This one catches people out regularly. Employees often default to WhatsApp or iMessage to share work-related files, client information, or internal strategy discussions because it's faster than going through official channels.
But consumer chat apps fall outside your company's data security policies, are not monitored or controlled by your IT department, and in many industries could expose your employer to regulatory liability. If your company doesn't provide a secure internal communication tool, raise the issue. If it does, use it.
It is also worth noting that Slack, while designed for business, stores all message history on its servers and makes it fully searchable by workspace administrators. Anything you send on a work Slack is visible to your employer.
10. Anything You Would Not Want Screenshotted
This is the catch-all rule. Before sending any message, ask yourself: if this were screenshotted and shared publicly, or read by someone other than the intended recipient, would that be a problem?
Chat apps create permanent records by default. Rants about colleagues, venting about personal situations, controversial opinions, sensitive negotiations, embarrassing admissions. All of it sits in a log that can be forwarded, screenshotted, or subpoenaed. Think twice before sending anything you would regret seeing out of context.
The Common Thread: Permanence
All ten of these categories share the same underlying problem. Chat apps are designed to keep records. That is actually a feature most of the time. You can scroll back through years of conversation, search for a link someone sent you, or revisit an important discussion. But for sensitive information, that permanence becomes a liability.
The solution is not to stop using chat apps. It is to be deliberate about what you put in them. For anything sensitive, ask whether there is a better channel: a phone call, a secure file transfer, a password manager, or a self-destructing note that leaves no trace once it has been read.
A Quick Reference
| What to share | Better alternative to chat |
|---|---|
| Passwords | Self-destructing note or password manager |
| Credit card numbers | Self-destructing note or phone call |
| Social Security / national ID | Phone call or in person |
| Bank account details | Bank's secure portal or phone call |
| Medical information | Secure health portal or phone call |
| 2FA codes | Never share these with anyone |
| Private photos/videos | Encrypted file transfer |
| Legal documents | Secure legal portal or encrypted email |
| Confidential work info | Company-approved secure tools |
| Anything screenshot-worthy | Phone call or in person |
Taking a few extra seconds to choose the right channel for sensitive information is one of the simplest habits you can build for better personal security. Your chat history is not as private as it feels.
Need to share something sensitive right now? Create a free self-destructing note that disappears after being read.