General

What is Password Pusher?

Password Pusher is a tool used for sharing passwords and other sensitive information with colleagues, clients and customers securely.

With Password Pusher, you can create a unique, one-time URL (a “push”) that will expire after a certain amount of time or after it has been accessed a certain number of times, ensuring that your information remains private and secure.

Data is encrypted and deleted upon expiration.

It is often used by individuals and organizations to share login credentials or other sensitive data with colleagues, clients, customers, partners and more.

Trust & Security

What is the purpose of Password Pusher?

Password Pusher is a secure alternative to emailing or sending passwords via SMS, WhatsApp, or other messaging platforms. Emailing passwords is inherently insecure and poses significant risks, including:

  • Passwords can be easily intercepted by malicious entities
  • Emails can be hacked or compromised, leaving passwords vulnerable
  • Passwords remain in perpetuity in email archives, even after they’re no longer needed
  • Stolen or compromised email accounts can be used to retrieve and reuse passwords

Similarly, sending passwords via SMS, WhatsApp, Slack or other messaging platforms can also put your sensitive information at risk, as the data can be stored indefinitely and outside of your control.

Password Pusher solves these problems by providing a secure, temporary, and controlled way to share passwords. When you post a password to Password Pusher, we generate a unique URL that only you know, and the password expires after a set number of views or a predetermined time period. Once expired, the password is permanently deleted, ensuring your sensitive information remains secure.

Trust is a concern. Why should I trust and use Password Pusher?

Password Pusher exists as a better alternative to emailing passwords. It avoids having passwords exist in email & messaging archives in perpetuity. It does not exist as a end-all security solution.

Password Pusher started as an open source project at the end of 2011. It has been maintained & updated by myself (Peter Giacomo Lombardo) and a handful of excellent contributors for all of that time. In 2024, the premium version was introduced to accelerate development and to help fund the project. All premium features end up in the open source version eventually.

By having such a long history and being open source, Password Pusher has been reviewed by many eyes. It has been used by and audited many organizations and individuals over the years.

Push and request payloads are deleted entirely on expiration and the audit log is maintained indefinitely. The less data Password Pusher holds, the better.

If you still have concerns regarding trust, safety and security, feel free to review the code, post any questions that you may have and consider running it internally at your organization instead.

As for trust in me, all I can offer is my long history building this project and my public reputation on Github, LinkedIn, Twitter and my blog.

Feel free to contact me anytime with any questions you may have!

How safe is it to post passwords using a tool like Password Pusher?

In the current day, where password generators are often used to produce high-entropy passwords, brute-forcing or performing a dictionary attack is extremely challenging. Thus discovering a strong password alone has very little value to attackers.

Without knowing the corresponding username and system it belongs to, a password is essentially useless. It’s only when two or more of these components - the password, username and system - are discovered together that they become valuable to attackers.

It’s for these reasons that sending a strong password alone with a tool like Password Pusher poses limited risk.

Then security is also improved if you use good security policies at your organization such as requiring two-factor authentication and periodic password resets.

Common best practices are to use multiple pushes, pre-shared passphrases and communicate over multiple channels (often referred to as segmentation or compartmentalization).

To even further increase security, Password Pusher also:

  1. encrypts sensitive data in the database
  2. has view and duration expiration limits
  3. deletes all sensitive data upon push expiration
  4. offers the use of optional pre-shared passphrases to further limit access
  5. maintains full audit logs that that reveal who interacted (and how) with the created push
  6. offers preemptive push deletion by you or optionally your end-user
  7. can be self-hosted internally at your organization
  8. is open source, has a +13 year history and the code been reviewed and audited many times over.

See also: What are the potential security risks of running my own version internally?

What is Apnotic?

Apnotic is the company created to manage Password Pusher (and to accept credit cards). It is solely owned and managed by myself, Peter Giacomo Lombardo.

Premium Version

Password Pusher has always been open source. Why is there now a premium version?

Password Pusher has been very fortunate in it’s popularity and growth over the years. I’ve enjoyed every moment of building it and working with the community to make it better.

After 13 years, the project has hit a point where there are now more feature requests and ongoing maintenance than I can handle doing this only nights and weekends (which is a great problem for an OSS project to have honestly). On top of that, monthly hosting costs have also increased to a point where it’s starting to hurt a bit.

I introduced the premium version to help fund the project and to accelerate development. The super-set of features in the premium versions are meant to be a value-add for organizations that need more than the open-source version provides.

As Password Pusher is built out, premium features will periodically be moved to the open-source version.

Will the premium features be added to the open source version?

Absolutely - the premium version allows me to spend more time on the project. The final destination for all work is to be in the open source version of the project eventually.

Other features will go directly to the open source version.

What are the differences between the open source and premium version?

See the features page for a full list of differences between the open source and premium versions.

Do you offer any discounts or free accounts?

If you are a non-profit or an educational institution, send me a message on the feedback form, explain your needs and I might be able to grant you a premium or pro account for free.

If you are part of a for-profit company, I humbly ask for your support in the form of a subscription.

File uploads used to be free on pwpush.com. Why are they now a premium feature?

I really tried to keep file based pushes free but because of some abuse, risk and growing hosting costs. I didn’t have much choice.

If you are an individual or student and really can’t afford the subscription, message me and I will see what I can do. At a minimum, a credit card will be required even though it won’t be charged.

Note: File uploads are always available in the self-hosted version Password Pusher. This limitation is for unsubscribed pwpush.com accounts only.

Pro Version

How can I invite users to my account?

You can invite users by selecting the top right dropdown menu and selecting your account. From there you should see an “Invite a User” button.

Tools, Integrations & Applications

Are there other ways I can access Password Pusher outside of a browser?

With the Password Pusher JSON API, there are a number of applications and command line utilities (CLI) that interface with pwpush.com or your self-hosted instance. Push passwords from the CLI, Slack, Alfred App and more.

See the JSON API documentation page for more information.

Can I automate my password distribution?

Yes. The Password Pusher JSON API allows for the automation of password pushing. This can be done with a variety of programming languages, applications and tools.

See the JSON API documentation page for more information.

How many requests can I send to Password Pusher?

There are no limits currently and I have no intention of adding any. To minimally assure site stability, Password Pusher is configured with a rate limiter by default. This can be disabled in the self-hosted version.

Running Your Own Private Instance / Self-Hosted

Can I run my own version for my organization internally?

Yes, for the open source version, we provide Docker containers and installation instructions for a wide variety of platforms and clouds.

For the premium version, with the super-set of features, self-hosted containers are coming soon.

See the installation documentation for more information.

Can I apply a custom logo or change the design?

The Premium and Pro plans on pwpush.com allow you to utilize fully branded and customized pushes. For the Pro version, you can invite colleagues to collaborate and even use a custom domain.

In both of those plans, you can also customize text, appearance and even hide features entirely from your team.

See here for a walk-through of all of the branding options in the Premium & Pro versions.

The open source edition of Password Pusher also supports complete re-branding “out of the box” allowing you to add a custom logo, images, text and even change the application theme.

See the Rebranding documentation for more information.

Are there any licensing restrictions for me, my company or my organization?

The source code of the open source version is released under the Apache 2.0 License and that pretty much defines any and all limitations. There are quite a few re-branded and redesigned clone sites across the internet and hosted internally I welcome them all.

pwpush.com hosts a premium version of Password Pusher with a super-set of features beyond the open source project. pwpush.com is free to use but offers subscriptions for the premium and pro features such as teams, invites, custom domains etc…

A Pro self-hosted version is coming soon. It will be available under a commercial license.

Why would I want to run my own private instance of Password Pusher?

Some organizations are bound by security policies that prohibit the use of public services for sensitive information such as passwords. There are even organizations that require all tools to be on private intranets without access to the outside world.

Running your own private instance of Password Pusher allows you to control the environment and the data. It also allows you to add custom features and integrations that are specific to your organization.

It’s for these reasons that we provide the ability (and encourage) users and organizations to self-host private instances when needed.

What are the potential security risks of running my own version internally?

Running a private instance of Password Pusher for your company or organization gives you the peace of mind that you know exactly what code is running. You can configure and run it as you like.

On the other hand, if your instance gets hacked and the encryption broken, malicious entities now have a targeted dictionary of passwords to brute force accounts in your organization. (this would be limited to pushes which haven’t expired yet)

In this respect, the public instance at pwpush.com may be superior in that it contains only passwords without identifying information mixed among users from around the globe.

One other consideration would be the maintenance of the instance. You need to keep it updated, secure and backed up.

You should carefully weigh the pros and cons and decide which route is best for you and your organization. We happily support both strategies.

Pushes

The secret URL I sent was already expired. What happened?

Some systems such as email, firewalls and chat systems often have link scanners that can eat up views. This is usually done for corporate security or to simply generate a “preview” for applications.

To prevent this, use the 1-click retrieval step option when pushing passwords. This requires the users to click through a preliminary page to protect views from such scanners.

As an additional preventative measure, when logged in, an audit log is provided for every push created. This audit log reveals by who and when the push was viewed.

A push I sent expired, but it contained important information. Can you retrieve it?

Unfortunately, no. Once a push expires, all sensitive information associated with it is permanently deleted and cannot be recovered. Additionally, Password Pusher has a strict policy to ensure user privacy, which means no team member can view or access user pushes at any time.

Other

Can I use Password Pusher in my talk, video, presentation or conference?

Absolutely. We have media resources and a full explanation of features available in Windows Powerpoint and Mac Keynote formats.

If you have any questions or need any help, feel free to contact me anytime.

See the Presentations page for more information.

Can you add a specific feature for my organization?

Very likely as I’ve done so for many other organizations in the past.

I love to hear all ideas and feedback as it feeds the list of “what to add next”.

If you have any such requests, please let me know via one of the channels on the support page.

……………..

You made it to the bottom. Thanks for your time and attention. I hope I made everything clear.

If there is anything I can ever help with - feel free to contact me anytime.

Updated: