Zum Inhalt springen
Unabhängig verifiziert · Quartalsweises Re-Audit
EU VETTED

Passbolt

VERIFIZIERT
Passwort-Manager · Luxembourg
Gegründet 2017 · passbolt.com ↗

Luxembourg-incorporated AGPLv3 open-source team password manager (Passbolt SA), SOC 2 Type II, self-hostable, used by LU/FR government.

Kurzfassung

Passbolt aus der Kategorie Passwort-Manager ist ein EU-eigener Dienst mit Luxembourg als Hosting-Standort und ohne erkennbares CLOUD-Act-Risiko.

Bewertungsnotizen

Passbolt SA (9 Avenue du Blues, L-4368 Belvaux, Luxembourg; incorporated 2017, concept since 2011) is a fully AGPLv3 open-source team password manager (even the paid Business tier is open source) built around OpenPGP end-to-end encryption, self-hostable by default with Cloud as a managed alternative, and audited by independent third parties several times a year with all reports public; SOC 2 Type II attested. Customer base includes the Luxembourg government IT body and France's Ministry of the Interior. Founder team active; investors are Luxembourg / EU (Luxinnovation, Scalefund, Yeast); €11M raised across 2020 (€3M) and 2024 (€8M); 30+ remote-first team. EU-owned, EU-hosted (Luxembourg), with no CLOUD Act exposure.

CLOUD ACT
OWNERSHIP
SUB-PROCS
0 keine offengelegt
Geprüfte Signale
Jurisdiktion
  • EU-/Angemessenheits-Hosting
  • EU-/Angemessenheits-Betreiber
  • Keine US-CLOUD-Act-Exposition
Transparenz
  • Öffentlicher AVV
  • Unterauftragsverarbeiter offengelegt
  • Open-Source-Clients
  • Zertifizierung durch Dritte
JUMP TO
OVERVIEW

Über Passbolt

Passbolt is one of the cleanest open-source password-manager listings in this directory. The legal entity is Passbolt SA at 9 Avenue du Blues, L-4368 Belvaux, Luxembourg, incorporated as a formal company in 2017 after the concept originated within a Luxembourg digital agency in 2011. The product was conceived as a collaborative successor to KeePass, with a focus on team credentials sharing, RBAC, audit logging, and OpenPGP-based end-to-end encryption (1:1 keys per credential). Customer references include the Luxembourg government IT body and the French Ministry of the Interior. These are strong public-sector procurement signals that, combined with the open-source licensing, make Passbolt a natural fit for EU sovereign-procurement workflows.

Compliance and transparency posture is best-in-class. Both the Community (free) edition AND the paid Business + Enterprise editions are released under the GNU Affero General Public License v3 (AGPLv3). Buyers can fork the codebase, run audits internally, and never face vendor lock-in. The company commissions independent third-party audits multiple times per year with all reports public, including SOC 2 Type II attestation. Encryption is OpenPGP with 1:1 per-credential keys; no server operator (including Passbolt's own Cloud team) can decrypt customer vaults. Self-host deployment supports Docker, Kubernetes (Helm), and native installation on Ubuntu, Rocky Linux, and openSUSE. That gives full flexibility to run on Hetzner, OVHcloud, Scaleway, IONOS, STACKIT, or any other EU GPU / VPS infrastructure.

Pricing is open-source-friendly and procurement-grade. Community Edition is free under AGPLv3 with unlimited users, core feature set, browser extensions, API, role-based access, with community support only. Business is €4.50 per user per month billed annually (10-user minimum) and adds tags, LDAP provisioning, SSO (Microsoft, Google, OpenID), account recovery, audit logs, and a packaged VM appliance with next-business-day email support. Enterprise is custom with 4-hour SLA, white-glove migration, custom development, and disaster-recovery consulting. Non-profits qualify for special pricing. Best fit: EU public-sector buyers, regulated industries (finance, defence, healthcare), teams that need SAML / LDAP SSO with audit-log compliance, and any procurement-grade buyer who wants AGPLv3 source-availability plus SOC 2 Type II attestation on a Luxembourg-incorporated open-source vendor.

SUB-PROCESSORS

Unterauftragsverarbeiter-Karte · keine offengelegt

Quelle ↗
Anbieter gibt null Unterauftragsverarbeiter an. Die gesamte Datenverarbeitung erfolgt im eigenen Haus.
CERTIFICATIONS

Rahmenwerke & Zertifizierungen

SOC 2
AKTIV
Hinweis · US-Rahmenwerk
FEATURES

Funktionsmatrix

Passkeys Nein
Autofill Ja
Leak-Überwachung Ja
Familienfreigabe Ja
Datenexport Ja
Geräte Unbegrenzt
Plattformen iOS Android Windows Linux
INTEGRATION & ZUGRIFF
REST API Yes
SSO (SAML / OIDC) Yes
COMPLIANCE & GOVERNANCE
Audit log Yes
Self-host / on-prem option Yes
PRICING

Preise & Tarife

FREEMIUM
ab €5/Monat
Preisseite ansehen ↗
PUBLIC DOCUMENTS

Öffentliche Dokumente

  • Auftragsverarbeitungsvertrag (AVV)
    www.passbolt.com/terms…
    Öffnen ↗
  • Liste der Unterauftragsverarbeiter
    www.passbolt.com/terms…
    Öffnen ↗
  • Nutzungsbedingungen
    www.passbolt.com/legal…
    Öffnen ↗
ALTERNATIVES

Alternativen in dieser Kategorie

heylogin
Germany · Gegründet 2021
EU-SOUVERäN

German passwordless zero-knowledge password manager (heylogin GmbH, Braunschweig), all-German sub-processor stack, ISO 27001:2022, no CLOUD Act exposure.

Öffentl. AVV Subprozessoren Open Source
FROM
€4/Mt.
CLOUD ACT
NONE
KeePassXC
Germany · Gegründet 2016
EU-SOUVERäN

GPLv3 fully-offline desktop password manager (KeePassXC Team, Weimar DE, est. 2016): no cloud, no servers, no telemetry; structurally zero CLOUD Act exposure.

Öffentl. AVV Subprozessoren Open Source
FROM
CLOUD ACT
NONE
LC-Pass
Germany
EU-SOUVERäN

German-hosted business password manager from LC by vBoxx GmbH; collections, group sharing, central management, unlimited devices; an EU-hosted 1Password / LastPass alternative.

Öffentl. AVV Subprozessoren Open Source
FROM
€3.99/Mt.
CLOUD ACT
NONE