Passbolt

A European secure, open-source password manager for teams.

Ad-Free Open Source European No Third-Party Trackers Self-Hostable Free of Charge
Website

Description

Passbolt is an open-source, self-hostable password manager designed for teams and organisations that prioritise privacy, security, and data ownership. It uses end-to-end OpenPGP encryption, ensuring that only authorised users can access stored credentials. The platform is fully auditable, with multiple independent security audits conducted in 2025, including a comprehensive white-box penetration test, which identified and addressed several vulnerabilities.

Passbolt's self-hosting capability allows organisations to maintain full control over their data, making it a compelling choice for those concerned about data sovereignty and compliance with regulations like GDPR. The platform offers granular sharing, fine-grained permissions, and detailed audit logs. Recent updates have introduced custom fields, improved user and group management, and secret history, enhancing both functionality and usability.

However, Passbolt is not without its challenges. In March 2025, a minor incident during a cloud deployment briefly disrupted service, though no data was compromised. In August 2025 a browser extension clickjacking vulnerability was published, Passbolt is affected by the issue and didn't release updates to protect its users against this attack vector as far as we know. The platform's user interface has been criticised as somewhat clunky. Additionally, while Passbolt's cloud hosting is based in Europe, it uses infrastructure from major providers like AWS and Google Cloud, which raises privacy concerns.

Website

Sustainability Features of Passbolt

Ad-Free - Services that do not display advertisements to users, ensuring a cleaner and more private experience.

Passbolt is ad-free, ensuring a cleaner and more private user experience.

Open Source - Free and Open-Source Software

Passbolt is fully open-source, allowing for transparency, community scrutiny, and self-hosting.

European - Based in Europe, ensuring compliance with GDPR and European privacy and labor regulations.

Passbolt is based in Luxembourg and offers European cloud hosting, ensuring compliance with GDPR and strong privacy laws.

No Third-Party Trackers - Services that do not use third-party cookies or trackers, ensuring user privacy.

Passbolt does not include any trackers or third-party analytics, ensuring user privacy.

Self-Hostable - Services that can be hosted by users, giving full control over data and enhancing privacy.

Passbolt can be self-hosted on your own infrastructure, giving full control over data and enhancing privacy.

Free of Charge - The services provided can be used for free.

Passbolt offers a free Community Edition for individuals and small teams, with paid plans for larger organizations.

Website

Summary

Passbolt is an open-source, self-hostable password manager designed for teams and organisations that prioritise privacy, security, and data ownership. It uses end-to-end OpenPGP encryption, ensuring that only authorised users can access stored credentials. Passbolt can be hosted on your own infrastructure or in the cloud, with the latter hosted in Europe, providing strong privacy protections under GDPR. The platform is regularly audited for security and compliance, and its code is fully open-source. While Passbolt is highly regarded for its security model and self-hosting flexibility, its user interface and feature set may not be as polished as some commercial alternatives.

Sustainability Score
92

More Sustainable Alternatives for Password Management

KeePassXC

A modern, secure open-source password manager focusing on offline storage.

KeePassXC is completely free to use, with no subscription or hidden costs.
KeePassXC does not include any third-party trackers or analytics, ensuring user privacy.
KeePassXC works entirely offline, ensuring no dependency on cloud services and full user control over data.
KeePassXC is fully open-source, allowing for transparency, community scrutiny, and customization.
KeePassXC is self-hostable, giving users full control over their data.
KeePassXC is ad-free, ensuring a cleaner and more private user experience.
Website

Bitwarden

An open-source password manager focusing on security, privacy, and self-hosting.

Bitwarden is fully open-source, allowing for transparency, community scrutiny, and self-hosting.
Bitwarden works offline in read-only mode. Editing entries only works online.
Bitwarden offers a free plan with all essential features, making it accessible for individuals and small teams.
Bitwarden can be self-hosted on your own infrastructure, giving full control over data and enhancing privacy.
Bitwarden does not include third-party trackers, ensuring user privacy.
Bitwarden is ad-free, ensuring a cleaner and more private user experience.
Website