Should I rotate keys after a screenshot leak?

Yes—even redacted images mean the secret touched more surfaces; revoke and reissue.

Can HideShot hide JWTs in network tabs?

Box the Authorization header value in DevTools captures before posting.

Is blur ever OK for API keys?

Use black box; tokens are designed to survive partial reads.

Will redaction hide keys in dark-mode terminals?

Solid black covers green-on-black text the same as light themes.

HideShot

Screenshot Redaction

Free · No Signup

Hide API Key Screenshot

Black out tokens before GitHub issues, tweets, and slide decks.

🔒 No upload · Runs in your browser · Instant download

A one-line `.env` capture can leak production keys to search engines when pasted into a public forum. Black boxes over key material are mandatory before any outward share.

HideShot edits locally so keys are not duplicated on a cloud GPU—rotate the credential after exposure even if you redact quickly.

Drop your terminal or dashboard screenshot

Or click to browse · Paste with Ctrl+V also works

PNG · JPG · WebP · GIF

How It Works

Upload

Drop your image in or paste from clipboard.

Pick Mode

Black Box, Blur, or Pixelate.

Select Areas

Rectangle, oval, or freehand lasso — then hide what you selected.

Download

Hit Download PNG. Done.