Design the link for the job
Not every secret should vanish at the same pace. A bank verification code, a contractor password, and a deployment token each have different lifetimes and risk levels. The link design should reflect that.
Use the shortest expiration window that still fits the real workflow. If the recipient needs five minutes, do not leave the secret active for a week just because it is convenient.
Good habits for temporary links
Keep the link itself out of public channels, and keep the password or passphrase out of the same channel whenever possible. Splitting those two pieces lowers the chance that a single log or screenshot reveals everything.
Also consider the human side. Clear wording and visible status labels help recipients understand whether the link is still active, already viewed, or expired. Security tools work better when the state is obvious.