Agrippa is a PHP-based secret sharing mechanism. Named after the work of William Gibson, Agrippa operates on the principle that sharing a temporary link to sensitive information is better than having the sensitive information itself persist in email, chat, or any other insecure communications channel.

How It Works

  1. Enter the secret to share, an expiration date/time, and a view limit.
  2. Receive a unique link to the secret, which can be shared with the intended recipient.
  3. Once the link expires or the view limit is surpassed, the secret is destroyed.


In short, Agrippa has the same requirements as Laravel 5.1:


  1. Run composer create-project unicalabs/agrippa myagrippa to create your instance of Agrippa.
  2. Enter the newly-created project: cd myagrippa
  3. Change APP_SALT in .env to a randomly-generated value.
  4. Create the database: touch storage/database.sqlite Alternatively, adjust .env to use your MySQL, PostgreSQL, or SQL server connection.
  5. Set up the database: php artisan migrate
  6. Configure Apache or Nginx to serve the public folder. Use the Laravel configuration documentation for guidance.


Documentation for the framework (Laravel 5.1) can be found on the Laravel website. To get a development environment up and running, see the Laravel Homestead documentation. You can reference the following example Homestead configuration, if it helps:

ip: ""
memory: 2048
cpus: 2
provider: virtualbox

authorize: ~/.ssh/id_rsa.pub

    - ~/.ssh/id_rsa

    - map: ~/Documents/workspace/agrippa
      to: /home/vagrant/agrippa

    - map: agrippa.local
      to: /home/vagrant/agrippa/public

    - key: APP_ENV
      value: local


The idea of sharing secrets through URLs with time and view limits originally came from pglombardo's PasswordPusher, written with Ruby on Rails in 2011. In 2012, the project was shared on Reddit and subsequently open-sourced, leading to PHPasswordPusher, a PHP port of the original. Agrippa is itself a rewrite that sports the flexibility of the Laravel framework, while PHPasswordPusher provides the basic functionality for those constrained to older PHP versions (5.3+). As of August 2015, all projects continue to be actively maintained.