Description
Password Pusher is an opensource application to communicate passwords over the web. Links to passwords expire after a certain number of views and/or time has passed.
Hosted at pwpush.com but you can also easily run your own private instance with just a few steps.
Password Pusher alternatives and similar tools
Based on the "Security" category.
Alternatively, view PasswordPusher alternatives based on common mentions on social networks and blogs.
-
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional. -
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads. -
CrowdSec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI. -
Suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community. -
OSSEC
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. -
SpamAssassin
Read-only mirror of Apache SpamAssassin. Submit patches to https://bz.apache.org/SpamAssassin/. Do not send pull requests
SaaSHub - Software Alternatives and Reviews
![SaaSHub Logo SaaSHub Logo](https://cdn-b.libhunt.com/assets/partners/saashub-small-09b040e303cf50000aca670e1c77a15c64fc5c073fbdca2665ec2b8b621efc1a.png)
* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of Password Pusher or a related project?
README
Simple & Secure Password Sharing with Auto-Expiration of Shared Items
Password Pusher is an opensource application to communicate passwords over the web. Links to passwords expire after a certain number of views and/or time has passed.
Hosted at pwpush.com but you can also easily run your own private instance with just a few steps.
- Easy-to-install: Host your own via Docker, a cloud service or just use pwpush.com
- Opensource: No blackbox code. Only trusted, tested and reviewed opensource code.
- Audit logging: Track and control what you've shared and see who has viewed it.
- Encrypted storage: All sensitive data is stored encrypted and is deleted once expired.
- Host your own: Database backed or ephemeral, easily run your own instance isolated from the world.
- JSON API: Raw JSON API available for 3rd party tools or command line via
curl
orwget
. - Command line interface: Automate your password distribution with CLI tools or custom scripts.
- Internationalized: 14 language translations are bundled in. Easily selectable via UI or URL
- Unbranded delivery page: No logos, superfluous text or unrelated links to confuse end users.
- Customizable: Change text and default options via environment variables.
- Light & dark themes: Via CSS @media integration, the site theme follows your local preferences
- Rebrandable: Customize the site name, tagline and logo to fit your environment.
- 10 Years Old: Password Pusher has securely delivered millions and millions of passwords in it's 10 year history.
- Honest Software: Opensource written and maintained by me with the help of some great contributors. No organizations, corporations or evil agendas.
Follow Password Pusher on Twitter, Gettr or on Facebook for the latest news, updates and changes.
[[](./app/frontend/img/features/front-page-thumb.png)](./app/frontend/img/features/front-page-large.png) [[](./app/frontend/img/features/audit-log-thumb.png)](./app/frontend/img/features/audit-log-large.png) [[](./app/frontend/img/features/secret-url-languages-thumb.png)](./app/frontend/img/features/secret-url-languages-large.png) [[](./app/frontend/img/features/password-generator-thumb.png)](./app/frontend/img/features/password-generator-large.png) [[](./app/frontend/img/features/dark-theme-thumb.png)](./app/frontend/img/features/dark-theme.gif) [[](./app/frontend/img/features/preliminary-step-thumb.png)](./app/frontend/img/features/preliminary-step.gif)
⚡️ Quickstart
→ Go to pwpush.com and try it out.
or
→ Run your own instance with one command: docker run -d -p "5100:5100" pglombardo/pwpush-ephemeral:release
then go to http://localhost:5100
or
→ Use one of the 3rd party tools that interface with Password Pusher.
💾 Run Your Own Instance
Note: Password Pusher can be largely configured by environment variables so after you pick your deployment method below, make sure to read [the configuration page](Configuration.md). Take particular attention in setting your own custom encryption key which isn't required but provides the best security for your instance.
On Docker
Docker images of Password Pusher are available on Docker hub.
➜ ephemeral Temporary database that is wiped on container restart.
docker run -d -p "5100:5100" pglombardo/pwpush-ephemeral:release
➜ using an External Postgres Database Postgres database backed instance.
docker run -d -p "5100:5100" pglombardo/pwpush-postgres:release
➜ using an External MariaDB (MySQL) Database Mariadb database backed instance.
docker run -d -p "5100:5100" pglombardo/pwpush-mysql:release
Note: The latest
Docker container tag builds nightly off of the latest code changes and can occasionally be unstable. Always use the 'release' or version'd tags if you prefer more stability in releases.
With Docker Compose
➜ One-liner Password Pusher with a Postgres Database
curl -s -o docker-compose.yml https://raw.githubusercontent.com/pglombardo/PasswordPusher/master/containers/docker/pwpush-postgres/docker-compose.yaml && docker compose up -d
➜ One-liner Password Pusher with a MariaDB (MySQL) Database
curl -s -o docker-compose.yml https://raw.githubusercontent.com/pglombardo/PasswordPusher/master/containers/docker/pwpush-mysql/docker-compose.yaml && docker compose up -d
On Kubernetes
Instructions and explanation of a Kubernetes setup can be found here.
On Microsoft Azure
There used to be a 3rd party blog post with instructions but it's been deleted. If anyone has instructions they would like to contribute, it would be greatly appreciated.
See issue #277
On OpenShift
See our OpenShift documentation.
On Heroku
One click deploy to Heroku Cloud without having to set up servers.
This option will deploy a production Password Pusher instance backed by a postgres database to Heroku. Heroku used to offer free dynos but that is no longer the case from November 28, 2022. Hosting charges will be incurred.
From Source
Make sure you have git and Ruby installed and then:
git clone [email protected]:pglombardo/PasswordPusher.git
cd PasswordPusher
gem install bundler
bundle install --without development production test --deployment
bundle exec rake assets:precompile
RAILS_ENV=private ./bin/rake db:setup
./bin/rails server --environment=private
Then view the site @ http://localhost:5100/.
🔨 3rd Party Tools
Command Line Utilities
The almost official pwpush-cli (in pre-beta): CLI for Password Pusher with authentication support
pgarm/pwposh: a PowerShell module available in the PowerShell Gallery
kprocyszyn/Get-PasswordLink.ps1: a PowerShell based CLI
lnfnunes/pwpush-cli: a Node.js based CLI
abkierstein/pwpush: a Python based CLI
Libraries & APIs
- oyale/PwPush-PHP: a PHP library wrapper to easily push passwords to any Password Pusher instance
Android Apps
Application Integrations
See also the Tools Page on pwpush.com.
📡 The Password Pusher API
🇮🇹 Internationalization
Password Pusher is currently available in 14 languages with more languages being added often as volunteers apply.
From within the application, the language is selectable from a language menu. Out of the box and before any language menu selection is done, the default language for the application is English.
Changing the Default Language
The default language can be changed by setting an environment variable with the appropriate language code:
PWP__DEFAULT_LOCALE=es
For more details, a list of supported language codes and further explanation, see the bottom of this configuration file.
🛟 Help Out
pwpush.com is hosted on Digital Ocean and is happily paid out of pocket by myself for more than 10 years.
But you could help out greatly by signing up to Digital Ocean with this link (and get $200 credit). In return, Password Pusher gets a helpful hosting credit.
tldr; Sign up to Digital Ocean with this link, get $200 credit for free and help Password Pusher out.
📼 Credits
Translators
Thanks to our great translators!
If you would like to volunteer and assist in translating, see this page.
Catalan
Danish
- Finn Skaaning
French
German
Norwegian
- Robin Jørgensen
Polish
Portuguese
- Jair Henrique
- Fabrício Rodrigues
- Ivan Freitas
- Sara Faria
Spanish
Swedish
- johan323
- Fredrik Arvas
Also thanks to translation.io for their great service in managing translations. It's also generously free for opensource projects.
Containers
Thanks to:
@fiskhest the Kubernetes installation instructions and manifests.
@sfarosu for contributing the Docker, Kubernetes & OpenShift container support.
Other
Thanks to:
@iandunn for better password form security.
Kasper 'kapöw' Grubbe for the JSON POST fix.
JarvisAndPi for the favicon design
...and many more. See the Contributors page for more details.
🛡 License
This project is licensed under the terms of the GNU General Public License v3.0
license. See LICENSE for more details.
📃 Citation
@misc{PasswordPusher,
author = {Peter Giacomo Lombardo},
title = {An application to securely communicate passwords over the web. Passwords automatically expire after a certain number of views and/or time has passed.},
year = {2022},
publisher = {GitHub},
journal = {GitHub repository},
howpublished = {\url{https://github.com/pglombardo/PasswordPusher}}
}
*Note that all licence references and agreements mentioned in the Password Pusher README section above
are relevant to that project's source code only.