Encryption Key Generator

Generate a secure encryption key for your self-hosted Password Pusher instance.

Why Use a Custom Key?

Password Pusher encrypts all sensitive data in the database using a master encryption key. While a default key is provided for convenience, using your own unique key provides the highest level of security for your private instance.

Your Generated Key

Raw Encryption Key

Environment Variable Format

Set this environment variable in your deployment configuration.

Generate New Key

Important Notes

Default Key Available

A default key is used if none is provided. This works but is less secure than a custom key.

Reduce Risk

Using short push expirations (e.g., 1 day/1 view) reduces risk even with the default key.

Data Deletion

Once a push expires, all encrypted data is permanently deleted from the database.

Key Changes

Changing keys makes existing pushes unreadable. New pushes will work normally.

Command Line Alternative

You can also generate keys from the command line in the application source:

# In your Password Pusher directory

$ bundle install

$ rails console

> Lockbox.generate_key

# => "7506e6f70c5c68793e76836c3a4bf65fcca083868f6d564ca1875297b4f22be2"

Learn More

For detailed configuration options and deployment strategies, see the Configuration Documentation .