OneTimeSecret vs Password Pusher: Open-Source Secret Sharing Compared

What both tools do

OneTimeSecret and Password Pusher both let you share secrets through self-destructing links. Both are open source and self-hostable. Both use server-side encryption, meaning the secret travels to the server as plain text over HTTPS and gets encrypted after arrival. You can read the code, run your own instance, and verify exactly what happens to your data.

The difference between them is scope. OneTimeSecret is minimal by design. Password Pusher is built for teams and workflows.

OneTimeSecret

OTS has been around since 2012. The codebase is straightforward and the feature set is deliberately small: paste a secret, get a link, one view, done. Self-hosting is the main draw for users who want to control their own infrastructure. Anonymous sharing is capped at 100 KB with a 7-day expiry. Free accounts raise the limit to 1 MB and 14 days.

• Encryption: server-side AES-256, open-source
• Open source: yes
• File support: none
• View limit: 1 (always)
• Expiry: 7 days (anonymous), 14 days (free account)
• Account required: no (optional for higher limits)
• Pricing: free tier, paid plans available
• Self-hosting: yes

Password Pusher

Password Pusher is the most feature-rich server-side option. View limits from 1 to 100, expiry up to 90 days, audit logging for compliance, and an API for automation. The documentation is upfront about using server-side AES-256-GCM encryption. File sharing is available on paid tiers starting at $19/month, using cloud storage encryption separate from the database encryption applied to text.

• Encryption: server-side AES-256-GCM, open-source
• Open source: yes
• File support: paid tier ($19/month+)
• View limit: 1 to 100
• Expiry: up to 90 days
• Account required: no (optional for higher limits)
• Pricing: free core, paid file tiers
• Self-hosting: yes

Key differences

• Feature depth: PwPush has configurable view limits (up to 100), long expiry (up to 90 days), audit logging, and a full API. OTS has a single view, shorter expiry, and no API.
• File sharing: PwPush supports files on paid tiers. OTS is text-only.
• Encryption algorithm: PwPush uses AES-256-GCM. OTS uses AES-256. Both are server-side, both are documented in the source code.
• Complexity: OTS is minimal. Fewer features mean a smaller attack surface and a simpler codebase to audit. PwPush has more moving parts, which adds capability at the cost of audit complexity.
• Pricing: OTS has a free hosted tier. PwPush core is free, but file sharing starts at $19/month. Both are free to self-host.
• Audit logging: PwPush provides audit trails for who accessed what and when. OTS has no built-in audit logging.

If you want simplicity and a small, auditable codebase, OTS fits. If you need configurable limits, audit trails, or an API, Password Pusher is the better match. Both trust models are the same: the server handles your secret in readable form.

A different approach: client-side encryption

With Secret.Broker, your browser encrypts the secret with XChaCha20-Poly1305 before anything goes to the server. The encryption key stays in the URL fragment, which browsers never include in server requests. The server stores ciphertext it can't decrypt.

Both OTS and PwPush address the trust-the-operator question through open source and self-hosting. Client-side encryption addresses it at the architecture level: the operator never sees the plaintext regardless of who runs the server.

• Encryption: client-side XChaCha20-Poly1305
• File support: up to 20 MB (free)
• View limits: 1 to 25
• Expiry: 15 minutes to 30 days
• Paranoid mode: splits link and decryption key for two-channel delivery
• Account required: no

The protocol page documents the full encryption stack.

Related comparisons

OneTimeSecret vs Secret.Broker · Password Pusher vs Secret.Broker · Privnote vs OneTimeSecret · Privnote vs Password Pusher · All alternatives compared

Common questions