Share passwords, text, files & URLs securely with self-deleting links and full audit logs.
Password Pusher is an open source web app for sharing sensitive information safely. You push a password, note, file, or URL; the recipient gets a one-time link that expires after a set number of views and/or time. No more sending secrets over chat or email—everything is encrypted, auditable, and can self-destruct.
Use the hosted service or run your own instance with Docker in minutes.
| 🔒 Secure by default | Encrypted storage, optional passphrase, expiry by views and/or time. Sensitive data is removed entirely once expired. |
| 📋 Full audit trail | See when links were created, viewed, and by whom (with logins). |
| 🏠 Self-host or use hosted | Use pwpush.com or deploy your own—Docker, Kubernetes, Helm, or cloud. |
| 🌐 Ready for teams | 31 languages, light/dark theme, JSON API, CLI, and many integrations. |
- Encrypted at rest — Sensitive data is stored encrypted and deleted when expired.
- Expiry controls — Limit by number of views and/or time; links can require a passphrase.
- Audit logging — Track what was shared and who viewed it (with optional logins).
- Unbranded delivery page — No logos, superfluous text or unrelated links to confuse push recipients.
- One-command deploy — Docker Compose with automatic SSL/TLS
- Database or ephemeral — Use a database for persistence or run stateless.
- Admin dashboard — Manage your instance from a built-in admin UI.
- White-label — Custom theme, logo, site name, and 26 Bootswatch themes via env vars.
- Custom CSS — Add your own styles; light/dark follows system preference.
- JSON API — Integrate with scripts,
curl,wget, or third-party tools. - CLI — Automate distribution with CLI tools and scripts.
- 31 languages — UI and secret-URL pages in 31 languages (courtesy of Translation.io).
- Open source — Apache 2.0; no black box. Written and maintained by myself and the team at Apnotic with the help of contributors.
- 14+ years in production — Used to deliver millions of secrets; actively maintained.
- Trusted worldwide — Used by thousands of companies around the globe.
 |
 |
 |
|---|---|---|
| Create a push | Audit log | Multi-language URLs |
 |
 |
 |
|---|---|---|
| Password generator | Dark theme | Optional preview step |
| Open source (this repo) | Pro (pwpush.com) | |
|---|---|---|
| Try it | oss.pwpush.com | pwpush.com |
| Use case | Self-host or use OSS demo | Hosted Pro with extra features |
| Details | Full source here; you deploy or use the OSS demo. | Pro features are periodically migrated to OSS. |
Feature comparison: pwpush.com/features#matrix
Self-hosted Pro (with licensing) is in early beta. Pro features not yet in OSS will be available for self-hosted deployments.
- Join the waitlist for availability and beta access.
- Waitlist subscribers get 20% off their first year’s Self-Hosted Pro license at launch.
No setup: pwpush.com — create a push and share the link.
- Point a DNS record to your server (e.g.
pwpush.example.com). - Clone this repo or download docker-compose.yml.
- In
docker-compose.yml, uncomment and set:TLS_DOMAIN: 'pwpush.example.com'(for automatic Let’s Encrypt TLS).- Optionally set
PWPUSH_MASTER_KEY(see comments in the file; generate at us.pwpush.com/generate_key).
- Run:
docker compose up -dOpen https://pwpush.example.com. The Compose file includes persistent storage, health checks, and is suitable for production.
See 3rd party tools & integrations for API usage, CLIs, and integrations.
Full docs: docs.pwpush.com — installation, configuration, API, themes, and more.
Translation.io has provided free translation tooling for the OSS version of Password Pusher. The app ships with 31 UI languages.
Consider Translation.io for your company or project’s translation needs.
- Kullai Metikala — GitHub | LinkedIn
- Positive Technologies
- Igniter — GitHub
| Name | Language |
|---|---|
| Oyale | Catalan, Spanish |
| Finn Skaaning | Danish |
| Mihail Tchetchelnitski | Finnish |
| Thibaut | French |
| Thomas Wölk | German — GitHub, Twitter |
| Martin Otto | German |
| Robin Jørgensen | Norwegian |
| Łukasz | Polish |
| Jair Henrique, Fabrício Rodrigues, Ivan Freitas, Sara Faria | Portuguese (BR) |
| Pedro Marques | European Portuguese |
| johan323, Fredrik Arvas | Swedish |
Thanks also to Translation.io for managing translations (free for open source).
- @fiskhest — Kubernetes manifests
- @sfarosu — Docker, Kubernetes & OpenShift support
- sirux88 — Docker cleanup and multistage builds
- @iandunn — Password form security
- Kasper Grubbe — JSON POST fix
- JarvisAndPi — Favicon design
More: Contributors
Donations are optional. Password Pusher is and will remain open source and free to use.
If it’s useful to you and you’d like to support development, donations are greatly appreciated and go toward hosting, maintenance, testing, and new features.
 |
Donate via Stripe |
|---|
You can also support the project with a paid plan on pwpush.com.
Note: Password Pusher is operated by Apnotic, LLC. Donations support the project but are not tax-deductible charitable contributions. See FAQ for more on Apnotic and trust & security.
This project is licensed under the Apache License 2.0. See LICENSE for details.
@misc{PasswordPusher,
author = {Peter Giacomo Lombardo},
title = {Password Pusher: Securely share sensitive information with automatic expiration and deletion. Track who, what and when with full audit logs.},
year = {2026},
publisher = {GitHub},
howpublished = {\url{https://github.com/pglombardo/PasswordPusher}}
}![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
