passwordPusher
Securely share passwords, text, files, and URLs via self-destructing links with full audit logs.
What is passwordPusher?
Password Pusher is an open-source web application that enables secure sharing of sensitive information like passwords, text, files, and URLs. It generates unique, expiring links that automatically delete the data after a set number of views or a specific time period, eliminating the risk of persistent exposure. The platform solves the problem of sharing secrets over insecure channels by providing encrypted storage and full audit logs.
System administrators, DevOps teams, security-conscious organizations, and individuals who need to share credentials or sensitive data securely without relying on email or chat. It's ideal for teams requiring audit trails and self-hosted control.
Developers choose Password Pusher for its robust security features, ease of self-hosting, and comprehensive audit capabilities. Its open-source nature, Docker-based deployment, and extensive customization options provide a trustworthy and flexible alternative to proprietary secret-sharing services.
Overview
🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.
Use Cases
Best For
- Securely sharing database credentials with team members
- Distributing one-time access tokens or API keys
- Sending confidential documents with automatic deletion
- Auditing who accessed sensitive information and when
- Self-hosting a secret-sharing service for internal company use
- Integrating secure secret distribution into automated scripts via CLI or API
Not Ideal For
- Organizations that require permanent archival of shared secrets without automatic deletion, as all links expire after configurable views or time.
- Teams needing real-time, collaborative editing of shared credentials, since it's designed for one-time distribution rather than ongoing access.
- Environments where deploying and maintaining a Ruby-on-Rails application with Docker is beyond the team's infrastructure expertise.
- Use cases involving frequent sharing of very large files (e.g., over 100MB) where web-based uploads might be impractical due to potential performance limits.
Pros & Cons
Pros
Data is encrypted at rest with optional passphrase protection and automatic deletion after expiry, minimizing exposure risks as detailed in the 'Security & privacy' section.
Tracks every link creation and view with timestamps and optional user logins, providing full accountability for secret access, highlighted in the audit logging feature.
Supports one-command Docker Compose deployments, Kubernetes manifests, and multiple cloud platform configs, making self-hosting straightforward and customizable.
Offers a JSON API, CLI tools, and 31 language translations, enabling seamless automation and global use without language barriers.
Cons
The README admits that Pro features are only periodically migrated to the open-source version, creating a functionality gap for self-hosters who want the latest updates.
While Docker Compose simplifies deployment, customizing themes, logos, and advanced settings requires editing environment variables and understanding the Rails app structure, which can be daunting.
As a Ruby-on-Rails application, it may not scale as efficiently as lighterweight solutions under high traffic, though it has been in production for 14+ years.
Frequently Asked Questions
Related Projects
maybeThe personal finance app for everyone
mastodonYour self-hosted, globally interconnected microblogging community
discourseA platform for community discussion. Free, open, simple.
chatwootOpen-source live-chat, email support, omni-channel desk. An alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.