Home
PHPasswordPusher is a PHP port of the PasswordPusher project, which provides a more secure method for sharing sensitive information (like passwords) with others. It operates on the principal that using a soon-to-be-expiring link to retrieve sensitive information is better than having the sensitive information persist in email, chat, etc...
A user will enter the sensitive information (password, etc.) into the pwlink script, set a view and time limit, and receive a link. That link is communicated to the intended recipient, who then can retrieve the sensitive information until the view or time limits are breached.
This application is still in its infancy, but it can be considered functionally complete. I plan to have an official release by October 2012 that should include a number of enhancements, so check back soon!
PHPasswordPusher has so far been tested with the following environment:
- Linux (RHEL 5 and CentOS 5, though other distributions should work.)
- Apache
- MySQL
- PHP
- Change configuration options in config.php
- Change configuration options in mysqlinstall.php
- From the command-line interface, run
php mysqlinstall.php - Copy the 'deploy' directory to the php-enabled web directory of your choice (rename as you like, but update deploy/config.php to reflect the change!)
- Configure Apache:
#PHPasswordPusher
Alias /youralias/ /your/installation/dir/deploy/
<Directory /your/installation/dir/deploy/>
#If you use the email functionality, you should definitely enable authentication:
#AuthName "Your login message."
#AuthType Basic
#AuthUserFile /your/.htpasswd
#require valid-user
AllowOverride None
Order allow,deny
Allow from all
DirectoryIndex pw.php
</Directory>