Privnote vs Password Pusher: Simplicity vs Features

What both tools do

Privnote and Password Pusher let you share a secret through a self-destructing link. The recipient opens the link, reads the secret, and the link expires. Both use server-side encryption, meaning the secret travels to the server as plain text over HTTPS and gets encrypted after arrival. Beyond that shared foundation, the two tools take very different approaches to features, transparency, and pricing.

Privnote

Privnote is built around simplicity. One text field, one button, one link. There are no configurable view limits, no expiry options beyond the default, and no file attachments. The encryption algorithm is undisclosed and the code is closed-source. The service is ad-supported, running third-party scripts on the same page where you paste your secret.

• Encryption: server-side, undisclosed algorithm, closed-source
• Open source: no
• File support: none
• View limit: 1 (always)
• Expiry: after first view
• Account required: no
• Pricing: free, ad-supported
• Self-hosting: not available

Password Pusher

Password Pusher is the most feature-rich server-side option. Open source, self-hostable, with configurable view limits from 1 to 100, expiry up to 90 days, audit logging for compliance workflows, and an API for automation. Their documentation is upfront about using server-side AES-256-GCM encryption. File sharing is a paid feature starting at $19/month, using cloud storage encryption separate from the database encryption applied to text.

• Encryption: server-side AES-256-GCM, open-source
• Open source: yes
• File support: paid tier ($19/month+)
• View limit: 1 to 100
• Expiry: up to 90 days
• Account required: no (optional for higher limits)
• Pricing: free core, paid file tiers
• Self-hosting: yes

Key differences

• Transparency: Password Pusher is open source with documented AES-256-GCM encryption. Privnote is closed-source with an undisclosed algorithm. You can read PwPush's encryption code; with Privnote, you can't.
• Features: PwPush offers configurable view limits, long expiry windows, audit logging, and an API. Privnote offers one view, no configuration, no API.
• File sharing: PwPush supports files on paid tiers. Privnote is text-only.
• Self-hosting: PwPush can be self-hosted, giving you control over the server. Privnote has no self-hosting option.
• Ads: Privnote runs third-party ad scripts alongside your secret. Password Pusher has no ads.
• Cost: Privnote is free with ads. PwPush core is free; file sharing and premium features start at $19/month.

If you need simplicity and don't mind ads or closed-source code, Privnote works. If you need audit trails, configurable limits, or verifiable encryption, Password Pusher is the stronger choice. Both still use server-side encryption.

A different approach: client-side encryption

With Secret.Broker, your browser encrypts the secret with XChaCha20-Poly1305 before anything goes to the server. The encryption key stays in the URL fragment, which browsers never include in server requests. The server stores ciphertext it can't decrypt.

File attachments up to 20 MB are compressed and encrypted with the same cipher. No paid tiers, no account required. Paranoid mode splits the link and decryption key for two-channel delivery.

• Encryption: client-side XChaCha20-Poly1305
• File support: up to 20 MB (free)
• View limits: 1 to 25
• Expiry: 15 minutes to 30 days
• Paranoid mode: splits link and decryption key for two-channel delivery
• Account required: no

The protocol page documents the full encryption stack.

Related comparisons

Privnote vs Secret.Broker · Password Pusher vs Secret.Broker · Privnote vs OneTimeSecret · OneTimeSecret vs Password Pusher · All alternatives compared

Common questions