Share permalink lifetimes now scale by plan
Anonymous scan permalinks now persist for 1 day, signed-in free accounts for 5 days, and Pro for 30 days. Same indexable /r/[token] page, same SVG badge, just lifetime tuned to how the share is most likely to be used.
What changed
When we shipped shareable scan permalinks earlier this week, the policy was simple: 30 days for anonymous, forever for signed-in. After watching how shares actually get used, we tightened it.
New lifetimes: anonymous 1 day, free signed-in 5 days, Pro (and trialing Pro) 30 days. Every other behavior, the score gauge, findings list, dynamic Open Graph image, embeddable SVG badge at /badge/[token], is unchanged.
Why these numbers
Most anonymous shares are sent in the moment: "hey, look at this score." 24 hours covers a same-day Slack thread, an evening review, and the next morning, which matches how that flow plays out in practice.
Free signed-in users get five days because they're more likely to use shares in tickets, async reviews, and follow-ups across a normal work week. The same five days also covers a typical Monday→Friday cadence so a share posted on Monday is still live for the Friday wrap-up.
Pro stays at 30 days because Pro is where teams keep shared scans alongside compliance reviews, vendor onboarding, and incident postmortems. A month is enough that a permalink in a Linear issue is still live when someone returns to it after a sprint.
What you'll notice
After clicking "Copy share link" you now see a small line under the URL like "Anonymous share, expires in 1 day." This makes the lifetime obvious before you paste the link somewhere it might outlive its usefulness.
The /pro page calls out 30-day shares as a Pro benefit. Existing permalinks created under the old policy keep their original expiry, we don't retroactively shorten anything.
Quality of life
We also tightened a few details around the share flow this week so the "Copy share link" button only appears when sharing is fully ready, and so generated links validate consistently after a copy-paste cycle. None of this changes the public scan output or the per-finding view.
Try a scan on scorifya.com, read how we score, or see Pro for unlimited scans and exports.
Get a weekly digest
New KEV CVE notices and (later) score changes on the domains you watch. One email a week, easy unsubscribe. We don't share or sell your address.
By subscribing you confirm you can receive transactional security updates from Scorifya at this email.