Skip to content

Password Management

  • Threat Model

    Protect your organizaiton from these threats:

    The services on this page can replace...

    • 1Password, LastPass, Dashlane, Nordpass
    • credential stores in Windows or macOS
    • password managers built into web browsers

Using a service provider

Bitwarden

Bitwarden is a password management service backed by a server and clients which are all open-source. Their base service is free, and premium plans start at a dollar per month. Bitwarden also offers family plans for up to 6 members and plans for businesses.

There are desktop apps for for Windows, macOS, and Linux too! There are also mobile apps for Android and iOS, and extenstion for all the major web browsers.

Proton Pass

Proton Pass is part of the Proton suite of zero-knowledge services. All plans get 2FA authentication, secure sharing, and unlimited email aliases. They also offer Proton for Business plans that cater to organizations.

There are desktop apps for for Windows and macOS (no Linux app just yet), mobile apps for Android and iOS, and extenstion for all the major web browsers.

Self-hosting

Vaultwarden

Left off here

Self-hosting Quick Look

Application Nextcloud All-in-one (AIO)
User-friendliness
Ease of deployment
Quality of docs
SSO ✅

You can follow the setup instructions straight from the source at Vaultwarden GitHub repo,

or checkout out this amazing guide and walk-through video from Open Source is Awesome.

Ansible Deployment with lt-server-setup

We provide an automated deployment of Vaultwarden through Ansible based on the instructions in the GitHub page.

For ultra-sensitive situations

If there's a high risk of your users being compromised, it might be best to avoid self-hosting a password manager altogether. Local-only (or "offline") password managers that run on your devices are free to use and quite secure. However, you will need to have your own backup solution (Syncthing could help here).

KeePassXC

KeePassXC is a popular fork of the KeePass project. KeePassXC includes a password/passphrase generator, password strength meter, a file store, and a web browswer plugin.

It runs on Windows, macOS, Linux, and Android. There are iOS apps that are compatible with KeePass databases, but we didn't find any that were open-source.