Subhan Zafar|August 31, 2022

2 Ways To Share Passwords Securely Over The Internet

Using passwords is the fundamental way to keep all our physical and intellectual property safe. Sometimes passwords need to be shared with other users. But passwords must always remain secure. One way…

Safely share passwords over the internet

Using passwords is the fundamental way to keep all our physical and intellectual property safe. Sometimes passwords need to be shared with other users. But passwords must always remain secure.

One way of sharing the password is to tell the other person verbally. But if you want to share passwords over the Internet, certain precautions must be taken to share passwords securely.

The secure password best practice is to use a random password generator and not use one password in two or more places.

Password Pusher and Heroku can be used to share passwords securely over the Internet. You can customize the expiry time and view count of the shared password.

Let us dig further into the details of what these are and how they can be used to share passwords over the internet securely.

Table of contents

Password Pusher

Password Pusher is an online website that lets you share your password through a generated link that can only be viewed for a set number of times, for a set number of days. After that, the link automatically expires, and the password is no longer accessible.

What you do is visit the website, enter the password that you want to share, set the sliders below to configure the number of views and the number of days before the link expires (whichever comes first), and then click Push it! Note that if you share the password through apps like Microsoft Teams or Skype, set the minimum views to 2. This is because one view is counted when the app adds the preview to the shared link.

Share passwords securely using Password Pusher

You shall then be presented with a link that you may share with the person you want to share your password with. They can then access this link to look at the password through any web browser.

receive password

Once the link has been accessed after the set number of days or more times than permitted, anyone accessing the link will be prompted with the following:

link expired
Link expired notification

Although the method for password sharing is secure, the website might not be. We cannot trust the owner of the website not to store a copy of our passwords. Therefore, we shall be using our own version of Password Pusher, of which we have complete control over, assuring us that our password(s) are indeed protected.

Heroku

Heroku is a cloud-based provider that takes care of the server, and any user can deploy their application(s) there. It is also free to use for miniature applications that do not take up a lot of space. This cloud platform is the perfect infrastructure to host your own version of Password Pusher.

Thankfully, the creator of Password Pusher was kind enough to create a template of Password Pusher on Heroku so that we would not have to configure it ourselves. We can configure the settings, deploy the application with complete control, and then enter the password to be shared. The self-deployed website will then provide us with a link against the password, which can be shared with any person, like in the original Password Pusher website.

How to share passwords securely by deploying your own Password Pusher

Now that we have gone through the concept, let us begin deploying our very own Password Pusher and then generate a link.

  1. First, you need to signup on Heroku and create an account or simply login if you already have one. If you’re signing up, fill in the form and click Create free account.
    crate free account
  2. You will now be prompted to verify your email address. Go to your email, open the from Heroku and click on the link to activate your account.
    click email link
  3. You will now be rerouted to another page. Here, enter and confirm the new password for Heroku, and then click Set password and login.
    set password
  4. Once you’re logged in, go to the deployment template for Password Pusher and enter the App name. Note that this name needs to be unique.
    set app name
  5. Now continue down the page and modify any fields you wish to alter. The following options are critical and need to be managed by you:
    • Expire_after_days_default: Expiration days for link after generating it.
    • Expire_after_days_max: Maximum expiration days for link after generating it.
    • Expire_after_views_default: The number of times the password can be view through the link before it expires
    • Payload_initial_text: The password you want to share
      Once done, click on Deploy app.
      deploy app
  6. The application will now start deploying itself on the Heroku cloud. This step might take a few minutes to compile and execute the app. Once it is done, you will be presented with something like the one below:manage or view
    This means that the application has been deployed successfully. You may now click on Manage app to change any configurations you had made or click on View to access the application interface. However, we encountered an error with the View button as it was not responding. The application was still accessible through the Manage app button and then clicking on Open app.

Now you can generate a link for the entered password through the self-deployed Password Pusher, the same as on the original website. The configurations for the link can also be altered from here.

Closing words

It is reasonable to not go through all this hassle and share a password with someone over a messaging app, such as WhatsApp, and then delete the text later. However, you are still taking the risk of uploading your password to a third-party database that is not in your control.

Sharing passwords through the combination of Password Pusher and Heroku has made the task much more reliable. Neither would it be exposed to any third-party database, nor would it remain active any longer than you want it to!

Editor’s note: Using password managers like Lastpass and 1passwords can also be useful to not only share passwords but synchronize shared passwords across your family members or colleagues.

Tags:  Tech Info
Subhan Zafar

Subhan Zafar

Subhan Zafar is an established IT professional with interests in Windows and Server infrastructure testing and research, and is currently working with Itechtics as a research consultant. He has studied Electrical Engineering and is also certified by Huawei (HCNA & HCNP Routing and Switching).

See all posts from Subhan Zafar
Latest posts
What Is SQL Injection And How To Prevent Them
Subhan Zafar|September 11, 2023
What Is SQL Injection And How To Prevent SQL Injection Attacks

Protect your websites and web applications from being exploited by SQL injection. proactively protect your assets by applying these simple security checks.

View post
Windows 11 is getting a built in passkey manager for Windows Hello
Subhan Zafar|August 3, 2023
Passkey Passwordless Authentication – Everything You Must Know

Sign into your apps and websites more securely with passkeys, instead of usernames and passwords.

View post
Best IP Grabber Software
Yamna Ali|May 22, 2023
What Are IP Grabbers: Our Top 5 Selection

Prevent yourself from online scams! Use IP grabbers to distinguish real offers from the fake ones by find their geographic locations and other information.

View post

Leave the first comment