diff --git a/api.go b/api.go
index 3acd5cb..b3a22ed 100644
--- a/api.go
+++ b/api.go
@@ -63,12 +63,15 @@ func (a apiServer) handleCreate(res http.ResponseWriter, r *http.Request) {
 	}
 
 	var (
-		expiry = cfg.MaxSecretExpiry
+		expiry = cfg.DefaultSecretExpiry
 		secret string
 	)
 
 	if !cust.DisableExpiryOverride {
-		if ev, err := strconv.ParseInt(r.URL.Query().Get("expire"), 10, 64); err == nil && (ev < expiry || cfg.MaxSecretExpiry == 0) {
+		if cfg.DefaultSecretExpiry == 0 && cfg.MaxSecretExpiry > 0 {
+			cfg.DefaultSecretExpiry = cfg.MaxSecretExpiry
+		}
+		if ev, err := strconv.ParseInt(r.URL.Query().Get("expire"), 10, 64); err == nil && (ev <= cfg.MaxSecretExpiry || cfg.MaxSecretExpiry == 0) {
 			expiry = ev
 		}
 	}
diff --git a/frontend/index.html b/frontend/index.html
index 8e9e77a..3ded167 100644
--- a/frontend/index.html
+++ b/frontend/index.html
@@ -47,6 +47,8 @@
 
       // Template variable from Golang process
       const maxSecretExpire = {{ .MaxSecretExpiry }}
+      const defaultSecretExpire = {{ .DefaultSecretExpiry }}
+
       const version = "{{ .Version }}"
       window.OTSCustomize = JSON.parse('{{ .Customize.ToJSON }}')
       window.useFormalLanguage = {{ .Customize.UseFormalLanguage | mustToJson }}
diff --git a/main.go b/main.go
index 707a4ab..e92634b 100644
--- a/main.go
+++ b/main.go
@@ -27,12 +27,13 @@ const scriptNonceSize = 32
 
 var (
 	cfg struct {
-		Customize       string `flag:"customize" default:"" description:"Customize-File to load"`
-		Listen          string `flag:"listen" default:":3000" description:"IP/Port to listen on"`
-		LogLevel        string `flag:"log-level" default:"info" description:"Set log level (debug, info, warning, error)"`
-		MaxSecretExpiry int64  `flag:"max-secret-expiry" default:"0" description:"Maximum expiry of the stored secrets in seconds"`
-		StorageType     string `flag:"storage-type" default:"mem" description:"Storage to use for putting secrets to" validate:"nonzero"`
-		VersionAndExit  bool   `flag:"version" default:"false" description:"Print version information and exit"`
+		Customize           string `flag:"customize" default:"" description:"Customize-File to load"`
+		Listen              string `flag:"listen" default:":3000" description:"IP/Port to listen on"`
+		LogLevel            string `flag:"log-level" default:"info" description:"Set log level (debug, info, warning, error)"`
+		MaxSecretExpiry     int64  `flag:"max-secret-expiry" default:"0" description:"Maximum expiry of the stored secrets in seconds"`
+		DefaultSecretExpiry int64  `flag:"default-secret-expiry" default:"0" description:"Default expiry of the stored secrets in seconds"`
+		StorageType         string `flag:"storage-type" default:"mem" description:"Storage to use for putting secrets to" validate:"nonzero"`
+		VersionAndExit      bool   `flag:"version" default:"false" description:"Print version information and exit"`
 	}
 
 	assets   file_helpers.FSStack
@@ -154,8 +155,9 @@ func main() {
 
 	// Start server
 	logrus.WithFields(logrus.Fields{
-		"max_secret_expiry": time.Duration(cfg.MaxSecretExpiry) * time.Second,
-		"version":           version,
+		"max_secret_expiry":     time.Duration(cfg.MaxSecretExpiry) * time.Second,
+		"default_secret_expiry": time.Duration(cfg.DefaultSecretExpiry) * time.Second,
+		"version":               version,
 	}).Info("ots started")
 
 	if err = server.ListenAndServe(); err != nil {
@@ -209,15 +211,17 @@ func handleIndex(w http.ResponseWriter, _ *http.Request) {
 	w.Header().Set("X-Content-Type-Options", "nosniff")
 
 	if err := indexTpl.Execute(w, struct {
-		Customize          customization.Customize
-		InlineContentNonce string
-		MaxSecretExpiry    int64
-		Version            string
+		Customize           customization.Customize
+		InlineContentNonce  string
+		MaxSecretExpiry     int64
+		DefaultSecretExpiry int64
+		Version             string
 	}{
-		Customize:          cust,
-		InlineContentNonce: inlineContentNonceStr,
-		MaxSecretExpiry:    cfg.MaxSecretExpiry,
-		Version:            version,
+		Customize:           cust,
+		InlineContentNonce:  inlineContentNonceStr,
+		MaxSecretExpiry:     cfg.MaxSecretExpiry,
+		DefaultSecretExpiry: cfg.DefaultSecretExpiry,
+		Version:             version,
 	}); err != nil {
 		http.Error(w, errors.Wrap(err, "executing template").Error(), http.StatusInternalServerError)
 		return
diff --git a/src/components/create.vue b/src/components/create.vue
index 1ed40c6..515ea14 100644
--- a/src/components/create.vue
+++ b/src/components/create.vue
@@ -114,6 +114,8 @@
 </template>
 <script>
 /* global maxSecretExpire */
+/* global defaultSecretExpire */
+
 
 import appCrypto from '../crypto.js'
 import { bytesToHuman } from '../helpers'
@@ -220,7 +222,7 @@ export default {
       fileSize: 0,
       secret: '',
       securePassword: null,
-      selectedExpiry: null,
+      selectedExpiry: defaultSecretExpire,
       selectedFileMeta: [],
     }
   },