SharePass exists as a better alternative to emailing passwords.

Emailing passwords is inherently insecure. The greatest risks include:

• Emailed passwords are usually sent with context to what they go to or can potentially be derived from email username, domain etc…
• Email is inherently insecure and can be intercepted at multiple points by malicious entities.
• Emailed passwords live in perpetuity (read: forever) in email archives.
• Passwords in email can be retrieved and used later on if an email account is stolen, cracked etc..

The same risks persist when sending passwords via SMS, WhatsApp, Telegram, Chat etc… The data can and is often perpetual and out of your control.

By using SharePass, you bypass all of this.

For each password posted to SharePass, a unique URL is generated that only you will know. Additionally, passwords expire after a predefined set of views are hit or time passed. Once expired, passwords are unequivocally deleted.

If that sounds interesting to you, try it out or see the other frequently asked questions below.

And rightfully so. All good security begins with healthy skepticism of all involved components.

SharePass exists as a better alternative to emailing passwords. It avoids having passwords exist in email archives in perpetuity. It does not exist as a end-all security solution.

SharePass is a private fork from Password Pusher opensource so the source can be publicly reviewed and can alternatively be run internally in your organization.

Passwords are unequivocally deleted from the database once they expire. Additionally, random URL tokens are generated on the fly and passwords are posted without context for their use.

A note for those with an interest in extreme security: there is no way I can reliably prove that the opensource code is the same that runs on pwpush.com (this is true for all sites in reality). The only thing I can provide in this respect is my public reputation on Github, LinkedIn, Twitter and my blog. If this is a concern for you, feel free to review the code, post any questions that you may have and consider running it internally at your organization instead.

Absolutely. SharePass has a number of applications and command line utilities (CLI) that interface with pwpush.com or privately run instances. Push passwords from the CLI, Slack, Alfred App and more.

See our Tools and Applications page for more details.

Yes. Using the previously mentioned tools, many users and organizations integrate SharePass into their security policies and processes.

The Tools page outlines the resources available to automate the secure distribution of passwords.

There are no limits currently and I have no intention of adding any. To minimally assure site stability, SharePass is configured with a rate limiter by default.