---

Give your users the tools to be secure by default.

Password Pusher is an open source application to communicate sensitive information over the web. Secret links expire after a certain number of views and/or time has passed.

Hosted at pwpush.com but you can also easily run your own private instance with just a few steps.

• Easy-to-install: Host your own via Docker, a cloud service or just use pwpush.com
• Open Source: No blackbox code. Only trusted, tested and reviewed open source code.
• Versatile: Push passwords, text, files or URLs that auto-expire and self delete.
• Audit logging: Track and control what you’ve shared and see who has viewed it.
• Encrypted storage: All sensitive data is stored encrypted and deleted entirely once expired.
• Host your own: Database backed or ephemeral, easily run your own instance isolated from the world.
• Admin Dashboard: Manage your self-hosted instance with a built in admin dashboard.
• Logins: Invite your colleagues and track what is pushed and who retrieved it.
• Unbranded delivery page: No logos, superfluous text or unrelated links to confuse end users.
• Internationalized: 29 language translations are bundled in. Easily selectable via UI or URL
• JSON API: Raw JSON API available for 3rd party tools or command line via curl or wget.
• Command line interface: Automate your password distribution with CLI tools or custom scripts.
• Themes: 26 themes bundled in courtesy of Bootswatch. Select with a simple environment variable.
• Customizable: Change text and default options via environment variables.
• Light & dark themes: Via CSS @media integration, the default site theme follows your local preferences.
• Re-Brandable: Completely white label: customize the theme, site name, tagline and logo to fit your environment.
• Custom CSS: Bundle in your own custom CSS to add your own design.
• >10 Years Old: Password Pusher has securely delivered millions and millions of passwords in its 14 year history.
• Actively Maintained: I happily work for the good karma of the great IT/Security community.
• Honest Software: Open source written and maintained by me with the help of some great contributors. No organizations, corporations or evil agendas.

💌 --> Sign up for the newsletter to get updates on big releases, security issues, new features, integrations, tips and more.

Follow Password Pusher updates on X, Reddit, Gettr and Facebook.

---

Editions

If you are considering to self-host the OSS edition, you can try it out immediately at https://oss.pwpush.com.

In 2024, I introduced a set of Pro features exclusively on pwpush.com to better support the project.

These Pro features are periodically migrated to the OSS edition. You can read more about how this works here.

To see the differences between pwpush.com and the OSS edition take a look at the Feature Matrix.

⚡️ Quick Start

→ Run your own instance with docker run -d -p "5100:5100" pglombardo/pwpush:stable or a production ready setup with a database & SSL/TLS.

or

→ Use one of the 3rd party tools that interface with Password Pusher.

📚 Documentation

See the full Password Pusher documentation here.

📼 Credits

Security Researchers

• Kullai Metikala | Github | LinkedIn
• Positive Technologies
• Igniter | Github

Translators

Thanks to our great translators!

Name	Language
Oyale	Catalan
Finn Skaaning	Danish
Mihail Tchetchelnitski	Finnish
Thibaut	French
Thomas Wölk	German	Github, Twitter
Martin Otto	German
Robin Jørgensen	Norwegian
Łukasz	Polish
Jair Henrique	Portuguese
Fabrício Rodrigues	Portuguese
Ivan Freitas	Portuguese
Sara Faria	Portuguese
Oyale	Spanish
johan323	Swedish
Fredrik Arvas	Swedish
Pedro Marques	European Portuguese

Also thanks to translation.io for their great service in managing translations. It’s also generously free for open source projects.

Containers

Thanks to:

• @fiskhest the Kubernetes installation instructions and manifests.

• @sfarosu for contributing the Docker, Kubernetes & OpenShift container support.

• sirux88 for cleaning up the Docker files and adding multistage builds.

Other

Thanks to:

• @iandunn for better password form security.

• Kasper ‘kapöw’ Grubbe for the JSON POST fix.

• JarvisAndPi for the favicon design

…and many more. See the Contributors page for more details.

🎁 Donations

Donations are in no way required of any Password Pusher user. The project, at it’s core, is and always has been open source and free to use.

With that said, if you find Password Pusher useful and would like to support & accelerate it’s continued development all donations are greatly appreciated.

	or

As an alternative to donations, you can also support the project by signing up for a paid plan at pwpush.com.

Donations are used to pay for the following:

• Hosting costs (Digital Ocean, Hatchbox, Brevo Support & Transactional Email, Docker Hub, Uptime Robot)
• Community Support
• On-going Maintenance
  • Upgrades
  • Testing
• Continued development
  • Development tools
  • License costs
  • Documentation

Legal Disclaimer: Please note that Password Pusher is owned and operated by Apnotic, LLC, a for-profit company owned and operated by me. While donations are greatly appreciated and help support the project’s development, they are not tax deductible as charitable contributions. Donations made to Password Pusher directly support a commercial entity and should be viewed as a voluntary payment to help sustain the service and encourage continued development.

See Also:

• What is Apnotic, LLC?
• Trust is a concern. Why should I trust and use Password Pusher?
• How does the Pro feature pipeline work?

🛡 License

This project is licensed under the terms of the Apache License 2.0 license. See LICENSE for more details.

📃 Citation

@misc{PasswordPusher,
  author = {Peter Giacomo Lombardo},
  title = {Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.},
  year = {2025},
  publisher = {GitHub},
  journal = {GitHub repository},
  howpublished = {\url{https://github.com/pglombardo/PasswordPusher}}
}