Open-source team password manager built for collaboration with GPG encryption
Passbolt is an open-source team password manager built specifically for collaborative credential sharing in technical teams. Unlike individual-focused managers adapted for team use, Passbolt's core design is multi-user access control — sharing passwords with specific team members, groups, or the entire organisation using GPG public-key encryption so each recipient's copy is individually encrypted with their key.
Passbolt is a strong fit if its core strengths match your workflow, budget, and support needs. Use the quick signals below before opening the full review.
Passbolt's architecture is distinctive: every shared credential is encrypted individually for each authorised recipient using their GPG public key. There is no shared symmetric key that, if compromised, decrypts all shared credentials. Each person's copy of a shared password is encrypted with their specific key, so access revocation simply stops future shares — existing encrypted copies are not retroactively accessible.
Passbolt uses the OpenPGP standard — each user has a GPG key pair, with their public key stored on the Passbolt server and their private key stored only on their device. When a password is shared with a user, it is encrypted with that user's public key — only their private key can decrypt it. This architecture eliminates the 'shared master key' risk present in simpler sharing models and provides mathematically verifiable access control.
Passbolt Community Edition is fully open-source and free for self-hosting with unlimited users and unlimited passwords. For organisations with a server infrastructure team, the cost is exclusively operational — no per-user subscription fee. Activity logs track every access and modification with timestamps. The Business plan adds LDAP/AD sync, SSO, and user provisioning for organisations needing directory integration.
Passbolt is designed for the engineering and IT credential sharing use case — database passwords, server credentials, API keys, and service accounts that need to be shared across team members with access revocation capabilities. It is less suited to individual credential storage or non-technical team workflows.
Score: 7.7/10 — Best open-source team credential sharing with GPG security; technical setup requirements limit adoption to technical teams.
Free
Free billed annually
$5/mo
$60/mo billed annually
Passbolt is best for DevOps and engineering teams that need to share infrastructure credentials (server passwords, API keys, database credentials) with fine-grained team access control, Security-conscious organisations that need open-source, self-hosted, GPG-based credential sharing with complete audit trails, IT and system administration teams managing shared accounts and service credentials across multiple environments.
Yes. Passbolt currently lists a free plan in ToolRankr data.
It has a free plan.
Passbolt is reviewed using ToolRankr's scoring model for ease of use, value, features, support, and overall quality. Affiliate links may earn a commission, but sponsored labels do not change editorial scoring.
Get major pricing, feature, and ranking changes for tools you care about.
