Security-first, open sourcepassword manager for

Finally, a password manager built for organizations that take their security and privacy seriously. Passbolt is trusted by 15 000 of them worldwide, including F500 companies, the defense industry, universities, startups and many others.

Product tour preview image

What makes passbolt different?

Tldr; more security, better collaboration, less artifices.

Radical security

We believe that any honest discussion about password managers must be heavily focused on security. Passbolt puts security first. Top penetration testers regularly assess our software, and findings are made public.

Our security model supports user-owned secret keys and end-to-end encryption even in complex scenarios. Passbolt is committed to practising transparency, keeping things real and being radically open. We refuse to participate in the security theatre.

Built for collaboration

While most password managers focus primarily on individuals. Passbolt goes a step further, developing a platform that meets the needs of organisations and teams.

Securely share your credentials, with powerful and dependable auditing tools for power users. Passbolt delivers unparalleled granularity for both access controls and encrypted data.

Privacy in its DNA

Headquartered in the EU 🇪🇺, specifically in Luxembourg, privacy is not only a top priority; it’s guaranteed by the law.

There’s no better method to ensure your privacy is protected than to host it behind your firewalls or in an air-gapped environment where you have full control.

Even the paid versions of passbolt are 100% open source, allowing transparency and letting anyone audit the code.

Run it on your own server, natively

Stay in control of your data, deploy passbolt within minutes, on-prem or on infrastructure you already trust.

Install now

“So versatile, you can even run it on a Raspberry Pi”

Passbolt servers are designed to be simple to install and easy to manage. Yet they are enterprise-ready and can support complex setup for high availability.

Check how it's done

Sync passwords between browsers and devices

Passbolt can be used from your browser or mobile phone. Sharing happens in real time. Desktop apps are coming soon.

Built for developers,
by developers

  • Retrieve, store and share passwords programmatically with the JSON api.
  • Automate at scale with Passbolt CLI
  • Real time access logs

Made in europe. Privacy by default.

Privacy is in our DNA, but also in the DNA of European laws (to make sure we don’t change our mind).

  • GDPR Compliant.
  • Self-host it for full data ownership.
  • Host it in our cloud, located in Europe.
  • No tracker, no strings attached.

Security by design. Audited and certified.

Say goodbye to old school shared vaults, their symmetric encryption and security limitations. Embrace the future of secrets sharing. Reclaim control of your security.

  • 100% asymmetric end-to-end security, backed by OpenPGP.
  • Users can control their own encryption key.
  • Share secrets individually, not in vaults.
  • Reliable audit logs, server side.
  • Accesses revokation that actually works.
SOC2 type 1Discover passbolt security
All in all, the Passbolt application is in a very good state and capitalizes on a number of security strengths, especially gained by extensive knowledge of the developers who implement comprehensive mitigations and anticipate attacks quite well.
Image that illustrates Show me your entropy and I’ll break your password

PART 2: Insights from Entropy. This article highlights how the entropy of a password can expose sensitive information and the potential risks associated with it.

Jul 29, 2024

h
b
c
e
i
a