Give your users the tools to be secure by default.

Password Pusher is an open source application to communicate sensitive information over the web. Secret links expire after a certain number of views and/or time has passed.

Hosted at pwpush.com but you can also easily run your own private instance with just a few steps.

• Easy-to-install: Host your own via Docker, a cloud service or just use pwpush.com
• Open Source: No blackbox code. Only trusted, tested and reviewed open source code.
• Versatile: Push passwords, text, files or URLs that auto-expire and self delete.
• Audit logging: Track and control what you've shared and see who has viewed it.
• Encrypted storage: All sensitive data is stored encrypted and deleted entirely once expired.
• Host your own: Database backed or ephemeral, easily run your own instance isolated from the world.
• JSON API: Raw JSON API available for 3rd party tools or command line via curl or wget.
• Command line interface: Automate your password distribution with CLI tools or custom scripts.
• Logins: Invite your colleagues and track what is pushed and who retrieved it.
• Admin Dashboard: Manage your self-hosted instance with a built in admin dashboard.
• Internationalized: 29 language translations are bundled in. Easily selectable via UI or URL
• Themes: 26 themes bundled in courtesy of Bootswatch. Select with a simple environment variable.
• Unbranded delivery page: No logos, superfluous text or unrelated links to confuse end users.
• Customizable: Change text and default options via environment variables.
• Light & dark themes: Via CSS @media integration, the default site theme follows your local preferences.
• Re-Brandable: Customize the site name, tagline and logo to fit your environment.
• Custom CSS: Bundle in your own custom CSS to add your own design.
• >10 Years Old: Password Pusher has securely delivered millions and millions of passwords in its 10 year history.
• Actively Maintained: I happily work for the good karma of the great IT/Security community.
• Honest Software: Open source written and maintained by me with the help of some great contributors. No organizations, corporations or evil agendas.

💌 --> Sign up for the newsletter to get updates on big releases, security issues, new features, integrations, tips and more.

Password Pusher is also on Twitter, Gettr and on Facebook

⚡️ Quick Start

→ Go to pwpush.com and try it out.

or

→ Run your own instance with docker run -d -p "5100:5100" pglombardo/pwpush:latest or a production ready setup with a database & SSL/TLS.

or

→ Use one of the 3rd party tools that interface with Password Pusher.

Documentation

See the full Password Pusher documentation here.

📼 Credits

Translators

Thanks to our great translators!

Also thanks to translation.io for their great service in managing translations. It's also generously free for open source projects.

Containers

Thanks to:

• @fiskhest the Kubernetes installation instructions and manifests.

• @sfarosu for contributing the Docker, Kubernetes & OpenShift container support.

• sirux88 for cleaning up the Docker files and adding multistage builds.

Other

Thanks to:

• @iandunn for better password form security.

• Kasper 'kapöw' Grubbe for the JSON POST fix.

• JarvisAndPi for the favicon design

...and many more. See the Contributors page for more details.

🛡 License

This project is licensed under the terms of the Apache License 2.0 license. See LICENSE for more details.

📃 Citation

@misc{PasswordPusher,
  author = {Peter Giacomo Lombardo},
  title = {An application to securely communicate passwords over the web. Passwords automatically expire after a certain number of views and/or time has passed.},
  year = {2024},
  publisher = {GitHub},
  journal = {GitHub repository},
  howpublished = {\url{https://github.com/pglombardo/PasswordPusher}}
}