Temporary Email with Access Code
NukeMail gives you a unique access code in the format NUKE-XXXXXXXXXX when you create an inbox. Use it to return to your email from any device or browser...
What Is an Access Code?
When you create a temporary email on NukeMail, you receive a unique access code in the format NUKE- followed by 10 alphanumeric characters. This code is the only thing tying you to your inbox. There is no username, no password, no email address on file. Just a short string you can write down, paste into a note, or screenshot.
The access code is generated server-side using cryptographically random characters, mixing uppercase letters, lowercase letters, and digits. This gives roughly 839 quadrillion possible combinations, making it effectively impossible for someone to guess your code by trying random strings.
Think of it like a locker key at a train station. You put your stuff in, you get a key, you walk away. Come back with the key and your stuff is there. Lose the key and nobody can help you — but nobody else can get in either.
The code is displayed in your inbox as soon as you create it, and you can copy it with one click. Some users save it in a password manager, others jot it down on paper, and some screenshot it on their phone. The method does not matter as long as you have it when you need it. NukeMail deliberately does not send the access code by email, because that would require having another email address on file — which defeats the privacy model entirely.
Why Not Just Use a Password?
Passwords require identity. You need an email address or username to attach them to, which means the service now knows who you are. That defeats the purpose of a disposable email service. The whole point is that you leave no trace of your real identity.
Access codes eliminate the entire account system. There is no signup form, no "forgot password" flow, no email verification (which would be ironic for a temp email service), and no profile page. You get a code, you use it when you need it, and when your inbox expires, the code stops working.
From a security standpoint, access codes also avoid the risks inherent in password-based systems. There is no password database to breach, no weak password to brute-force, and no password reuse vulnerability. Each access code is unique, randomly generated, and time-limited. When the inbox is deleted, the code becomes inert — it does not protect anything anymore because there is nothing left to protect.
This also means NukeMail has nothing to leak in a data breach. There are no password hashes to crack, no email addresses to expose, no personal data stored alongside your temporary inbox. The access code is the identity, and when the inbox is deleted, the code is meaningless.
Using Your Access Code Across Devices
One of the practical advantages of access codes over cookie-based sessions is portability. If you create a temporary email on your laptop and then need to check it from your phone, you just enter the access code. There is no "log in on another device" flow or QR code to scan.
On the same device and browser, NukeMail remembers your session automatically using a secure cookie. You can refresh the page, close the tab, or open a new one — your inbox stays. The access code is a fallback for when you switch devices, clear your cookies, or use a different browser.
This is particularly useful when signing up for a service on your computer but needing to verify the email from your phone, or vice versa. You are not locked to the device where you created the inbox.
The cross-device flow is straightforward: on the new device, visit NukeMail, click "Have an access code?", paste the code, and you are immediately in your inbox. The new device gets its own session cookie so future visits on that device are automatic. Both devices can have active sessions simultaneously — there is no "logged in elsewhere" limitation or forced logout.
What Happens When Your Access Code Expires
Free access codes remain active for 24 hours after creation, giving you full access to read and receive emails. After 24 hours, the inbox enters a locked state for an additional 13 days. During this locked period, your access code still works — you can see who emailed you and the subject lines — but the email content is inaccessible unless you upgrade to premium.
After 14 days total, the access code is permanently invalidated. The token, all associated email addresses, and all messages are deleted from the database. Entering the code at that point shows a simple message that the inbox has expired.
Premium users keep their access code alive as long as their paid time has not expired. Even after premium time runs out, there is a three-month dormant window before deletion, giving you time to re-up if needed.
How This Compares to Other Temp Email Services
Most temporary email services have no continuity mechanism at all. You open a tab, get a random address, and if you close that tab or clear your cookies, the inbox is gone. Services like 10 Minute Mail and Guerrilla Mail are designed around this ephemeral model — which works for quick verifications but fails for anything that takes more than a few minutes.
Some services assign a recoverable address but require account creation, which collects personal information and defeats the privacy benefit. NukeMail sits in the middle: you get a way to return to your inbox without giving up any personal data. The access code system is the mechanism that makes this possible.
Mailinator takes a different approach by making inboxes public — anyone who knows the address can read the emails. That is convenient but has obvious privacy problems. NukeMail access codes are private to whoever has the code, and the inbox is not accessible through the email address alone.