diff --git a/bin/now-secrets b/bin/now-secrets
index 0effad1..f25fb86 100755
--- a/bin/now-secrets
+++ b/bin/now-secrets
@@ -122,6 +122,24 @@ async function run (token) {
       error(`Invalid number of arguments. Usage: ${chalk.cyan('`now secret rm <id | name>`')}`);
       return exit(1);
     }
+    const list = await secrets.ls();
+    const theSecret = list.filter((secret) => {
+      return secret.uid === args[0]
+          || secret.name === args[0];
+    })[0];
+
+    if (theSecret) {
+      const yes = await readConfirmation(theSecret);
+      if (!yes) {
+        console.log('woot');
+        error('User abort');
+        return exit(0);
+      }
+    } else {
+      error(`No secret found by id or name "${args[0]}"`);
+      return exit(1);
+    }
+
     const secret = await secrets.rm(args[0]);
     const elapsed = ms(new Date() - start);
     console.log(`${chalk.cyan('> Success!')} Secret ${chalk.bold(secret.name)} ${chalk.gray(`(${secret.uid})`)} removed ${chalk.gray(`[${elapsed}]`)}`);
@@ -171,3 +189,23 @@ process.on('uncaughtException', (err) => {
   handleError(err);
   exit(1);
 });
+
+function readConfirmation (secret) {
+  return new Promise((resolve, reject) => {
+    const time = chalk.gray(ms(new Date() - new Date(secret.created)) + ' ago');
+    const tbl = table(
+      [[secret.uid, chalk.bold(secret.name), time]],
+      { align: ['l', 'r', 'l'], hsep: ' '.repeat(6) }
+    );
+
+    process.stdout.write('> The following secret will be removed permanently\n');
+    process.stdout.write('  ' + tbl + '\n');
+
+    process.stdout.write(`${chalk.bold.red('> Are you sure?')} ${chalk.gray('[yN] ')}`);
+
+    process.stdin.on('data', (d) => {
+      process.stdin.pause();
+      resolve('y' === d.toString().trim().toLowerCase());
+    }).resume();
+  });
+}