Questions, answered.
Do I need to give an email?
No. You can create an account with a generated passphrase: no email, phone, or personal details. Email is an optional convenience, and even then it's only ever stored as a blinded hash.
What happens if I forget my master password?
There is no password reset, by design. Since only your device can decrypt your vault, no one (including us) can recover it. Keep your recovery passphrase somewhere safe.
How is this different from my browser's password manager?
Your vault is end-to-end encrypted and portable across browsers and devices, with a zero-knowledge server that can't read it, and it isn't tied to one browser account.
Is it really zero-knowledge?
Yes. Encryption and decryption happen on your device; the server only stores ciphertext. See the Security page for the details and the open-source code.
Can I self-host it?
Yes. The backend is a single static Go binary with SQLite. Run it yourself and point the apps at it.
Is it finished?
It's actively being built and is pre-audit. Try it, but hold off on storing irreplaceable secrets until the independent security review is complete.
Get passwd
Use it in your browser today; native apps are on the way.
Browser extension
Chrome and Firefox popup with autofill. Store listings coming soon.
Desktop app
A standalone, offline vault for Linux today (AppImage/.deb); signed macOS and Windows builds coming soon.
Prefer to run it yourself? Self-host from the source →