diff --git a/deployment.sample.ini b/deployment.sample.ini
index 3190938..b85e4c1 100644
--- a/deployment.sample.ini
+++ b/deployment.sample.ini
@@ -4,6 +4,7 @@ remote = ftp://user:secretpassword@ftp.example.com/directory
 ; you can use ftps://, sftp:// or file:// protocols (sftp requires SSH2 extension)
 
 ; do not like to specify user & password in 'remote'? Use these options:
+; do not like to store password in config file? specify password = STDIN
 ;user = ...
 ;password = ...
 
diff --git a/readme.md b/readme.md
index 1009c48..870063d 100644
--- a/readme.md
+++ b/readme.md
@@ -215,5 +215,5 @@ Need SSH authenticate using a public key?
 ```
 publicKey = '/key/id_rsa.pub'
 privateKey = '/key/id_rsa'
-passPhrase = 'yourpass' #optional - If needed passphrase for privateKey
+passPhrase = 'yourpass' #optional - If needed passphrase for privateKey, or set to STDIN to enter via command line
 ```
diff --git a/src/Deployment/FtpServer.php b/src/Deployment/FtpServer.php
index d60aa88..c0a192a 100644
--- a/src/Deployment/FtpServer.php
+++ b/src/Deployment/FtpServer.php
@@ -68,7 +68,11 @@ public function connect(): void
 			? Safe::ftp_connect($this->url['host'], $this->url['port'] ?? 21)
 			: Safe::ftp_ssl_connect($this->url['host'], $this->url['port'] ?? 21);
 
-		Safe::ftp_login($this->connection, urldecode($this->url['user']), urldecode($this->url['pass']));
+		$pass = $this->url['pass'];
+		if ($pass === 'STDIN') {
+			$pass = Helpers::getHiddenInput("Enter password for {$this->url['user']}: ");
+		}
+		Safe::ftp_login($this->connection, urldecode($this->url['user']), urldecode($pass));
 
 		if ($this->passiveMode) {
 			Safe::ftp_set_option($this->connection, FTP_USEPASVADDRESS, false);
diff --git a/src/Deployment/Helpers.php b/src/Deployment/Helpers.php
index b31982f..6349dd3 100644
--- a/src/Deployment/Helpers.php
+++ b/src/Deployment/Helpers.php
@@ -124,4 +124,17 @@ public static function buildUrl(array $url): string
 			. (isset($url['port']) ? ':' . $url['port'] : '')
 			. ($url['path'] ?? '');
 	}
+
+
+	public static function getHiddenInput(string $prompt = ''): string
+	{
+		if ($prompt) {
+			echo $prompt;
+		}
+		@exec('stty -echo 2>&1');
+		$password = stream_get_line(STDIN, 1024, PHP_EOL);
+		echo PHP_EOL;
+		@exec('stty echo 2>&1');
+		return $password;
+	}
 }
diff --git a/src/Deployment/PhpsecServer.php b/src/Deployment/PhpsecServer.php
index 006ccec..12a6b87 100644
--- a/src/Deployment/PhpsecServer.php
+++ b/src/Deployment/PhpsecServer.php
@@ -43,7 +43,11 @@ public function connect(): void
 		}
 		$sftp = new SFTP($this->url['host'], $this->url['port'] ?? 22);
 		if ($this->privateKey) {
-			$key = PublicKeyLoader::load(file_get_contents($this->privateKey), $this->passPhrase ?? false);
+			$passPhrase = $this->passPhrase ?? false;
+			if ($passPhrase === 'STDIN') {
+				$passPhrase = Helpers::getHiddenInput("Enter password for private key: ");
+			}
+			$key = PublicKeyLoader::load(file_get_contents($this->privateKey), $passPhrase);
 			if (!$sftp->login(urldecode($this->url['user']), $key)) {
 				throw new ServerException('Login failed with private key');
 			}
diff --git a/src/Deployment/SshServer.php b/src/Deployment/SshServer.php
index bdb3335..2a20c6d 100644
--- a/src/Deployment/SshServer.php
+++ b/src/Deployment/SshServer.php
@@ -70,9 +70,17 @@ public function connect(): void
 		}
 		$this->connection = Safe::ssh2_connect($this->url['host'], $this->url['port'] ?? 22);
 		if (isset($this->url['pass'])) {
-			Safe::ssh2_auth_password($this->connection, urldecode($this->url['user']), urldecode($this->url['pass']));
+			$pass = $this->url['pass'];
+			if ($pass === 'STDIN') {
+				$pass = Helpers::getHiddenInput("Enter password for {$this->url['user']}: ");
+			}
+			Safe::ssh2_auth_password($this->connection, urldecode($this->url['user']), urldecode($pass));
 		} elseif ($this->publicKey && $this->privateKey) {
-			Safe::ssh2_auth_pubkey_file($this->connection, urldecode($this->url['user']), $this->publicKey, $this->privateKey, (string) $this->passPhrase);
+			$passPhrase = $this->passPhrase;
+			if ($passPhrase === 'STDIN') {
+				$passPhrase = Helpers::getHiddenInput("Enter password for private key: ");
+			}
+			Safe::ssh2_auth_pubkey_file($this->connection, urldecode($this->url['user']), $this->publicKey, $this->privateKey, (string) $passPhrase);
 		} else {
 			Safe::ssh2_auth_agent($this->connection, urldecode($this->url['user']));
 		}