Password Pusher

Password Pusher is a web application for securely sharing sensitive information (passwords, API keys, notes, and files) via short-lived links. Secrets automatically expire after a configurable number of views and/or a set duration, reducing the risk of accidental long-term exposure.

Key Features

• Create “pushes” (text or file) that expire by time and/or number of views
• Optional passphrase protection and client-side encryption modes (where supported) to reduce server-side exposure of plaintext
• One-time / limited-view secret retrieval with clear expiration metadata
• Support for file pushes (not only text), enabling sharing of certificates, configs, and other sensitive artifacts
• Administrative configuration for default/maximum expiration policies and limits
• Audit/history style metadata for pushes (e.g., created/expired) to support operational accountability
• Web UI designed for quick sharing; API/automation support via HTTP endpoints (for scripted secret creation)

Use Cases

• Share a password or 2FA recovery code with a colleague without sending it in email/chat history
• Send an API token or SSH private key to a contractor with strict time/view limits
• Provide short-lived access details during incident response or on-call handoffs

Limitations and Considerations

• Not a full password manager/vault (no long-term credential storage, rotation, or team vault workflows)
• Security properties depend on deployment/configuration (e.g., TLS, secret retention policy, and whether encryption/passphrase modes are enforced)

Password Pusher fits teams that need a simple, auditable way to transmit secrets with built-in expiration controls. It complements (rather than replaces) a password manager by focusing on secure, ephemeral delivery.