1. Home
  2. Accounts and Access
  3. Password Pusher
  1. Home
  2. Security
  3. Password Pusher

Password Pusher

UVM IT hosts an instance of Password Pusher, an open-source service which allows for the secure sending of sensitive information such as passwords and recovery keys.

Rather than sending such information across a system like email, Password Pusher allows for the generation of unique, randomly-generated browser links which display the password on opening. These links will delete automatically after a certain number of days or after a certain number of views – whichever comes first.

Why should you use Password Pusher?

Emailing passwords is inherently insecure. The greatest risks include:

  • Emailed passwords are usually sent with context to what they go to or can potentially be derived from email username, domain, etc.
  • Email is inherently insecure and can be intercepted at multiple points by malicious entities.
  • Emailed passwords live in perpetuity (read: forever) in email archives
  • Passwords in email can be retrieved and used later on if an email account is stolen, cracked, etc.

Sending a Password using Password Pusher

An expired Password Pusher link must be recreated and sent again

After a password link expires, it is deleted from the Password Pusher system. Be sure to communicate the limited lifetime of the link.

  1. Visit go.uvm.edu/pwpush.
  2. Type in the password that you’d like to send
  3. Set the expiration conditions – you can set both the maximum number of views or the maximum amount of time before the password is deleted
  4. Click Push it! to generate the password link
  5. Copy the password link from the box or by clicking on the Copy to Clipboard button
  6. Send the link to the recipient
Updated on May 6, 2022

Related Articles

Not the solution you were looking for?
Don’t worry we’re here to help!
Submit a Help Ticket