1Password
Password manager to secure and autofill logins and sensitive info
Passbolt
Secure collaborative password manager for teams, self‑hosted
Passbolt lets teams store, organize, and share passwords with end‑to‑end encryption, user‑owned keys, and audit‑ready policies, all deployable on‑premise without telemetry.
Overview
Overview
Passbolt is a security‑first password manager designed for teams that need to store, organize, and share credentials safely. It uses end‑to‑end encryption with user‑owned secret keys, ensuring that only authorized users can decrypt passwords. The platform is audited regularly and all findings are published, providing transparency and trust.
Deployment & Clients
The solution can be self‑hosted on any server that supports PHP, including air‑gapped environments for highly regulated sectors. Teams access secrets through official browser extensions for Chrome‑based browsers, Firefox, and Edge, as well as mobile apps on iOS and Android, and a CLI tool for automation. A pre‑alpha desktop application is also available. Because Passbolt does not collect telemetry, organizations retain full control over their data and privacy compliance.
Highlights
End‑to‑end encryption with user‑owned secret keys
Granular sharing and audit policies for teams
Self‑hosted deployment, including air‑gapped environments
Multiple client apps: browser extensions, mobile, CLI
Pros
- Strong security model with public audits
- No telemetry, respects privacy
- Flexible client ecosystem
- Open source AGPL‑3.0 license
Considerations
- Requires own server infrastructure
- Limited official desktop app (pre‑alpha only)
- Enterprise features behind paid plans
- Steeper learning curve for non‑technical admins
Managed products teams compare with
When teams consider Passbolt, these hosted platforms usually appear on the same shortlist.
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
Fit guide
Great for
- SMEs and enterprises needing self‑hosted password management
- Security‑focused teams that require end‑to‑end encryption
- Organizations with strict data‑privacy regulations
- Developers comfortable managing PHP‑based services
Not ideal when
- Users seeking a fully managed cloud‑only solution
- Small teams preferring simple consumer‑grade password vaults
- Environments without server administration expertise
- Organizations requiring native desktop applications out‑of‑the‑box
How teams use it
Secure credential sharing across devops teams
Engineers access shared service accounts without exposing passwords to admins.
Air‑gapped internal network password vault
Critical infrastructure credentials stored on an isolated server, complying with regulatory mandates.
Compliance‑ready audit trails for password changes
Security auditors retrieve immutable logs of who accessed or modified each secret.
Integrating password retrieval into CI pipelines via CLI
Automated scripts fetch secrets securely during builds, eliminating hard‑coded credentials.
Tech snapshot
PHP99%
JavaScript1%
Shell1%
Starlark1%
Hack1%
Batchfile1%
Frequently asked questions
Is Passbolt free to use?
Passbolt Community Edition is free under the AGPL‑3.0 license; commercial editions add extra features and support.
Can I host Passbolt on my own infrastructure?
Yes, the API can be installed on any server that meets the PHP requirements and can run in air‑gapped environments.
What browsers are supported?
Official extensions exist for Chrome‑based browsers, Firefox, and Edge.
How is data encrypted?
Each user holds a secret key; passwords are encrypted client‑side and stored only in encrypted form.
Where can I report a security vulnerability?
Send details to security@passbolt.com; public disclosure follows a responsible process.
Project at a glance
Active- Stars
- 5,587
- Watchers
- 5,587
- Forks
- 362
LicenseAGPL-3.0
Repo age9 years old
Last commityesterday
Primary languagePHP
Last synced 50 minutes ago