Today, most password managers are either closed-source, hybrid or open-source. While closed-source password managers don’t publicly share their source code for users to modify, open-source password managers share their code with a community of users who can revise or update it over time.
If you’re an open-source enthusiast and run your PCs and desktops on the Windows operating system, you may find one of these open-source password managers reviewed in this article helpful.
The table below summarizes the key features that can be found on each open-source password manager for Windows.
Software | Hosting | Encryption type | Password sharing | Free version | Starting Price |
---|---|---|---|---|---|
Bitwarden | Self-hosted, Cloud-based | AES-CBC 256-bit, PBKDF2 SHA-256 or Argon2. | Yes | Yes | Starts at $0 or less than $1/month for paid version. |
Keeper | Cloud-hosted | AES 256-bit, Elliptic-Curve cryptography (EC) | Yes | Yes | Starts at $2/user/month. |
Enpass | Self-hosted, Cloud-based | 256-bit AES, PBKDF2-HMAC-SHA512 on SQLCipher engine. | Yes | Yes | Starts at $1.99/month. |
Proton Pass | Self-hosted | 256-bit AES-GCM, Argon2, OpenPGP, Elliptic-Curve Cryptography (ECC Curve25519) | Yes | Yes | Starts at $0 or $1.99/month for paid plan. |
KeePass | Self-hosted | AES-256, ChaCha20 and Twofish | No | Yes | Completely free. |
Passbolt | Self-hosted, Cloud-hosted | OpenPGP | Yes | Yes | Starts at $0 or $49/month for Business plan. |
Bitwarden is probably the best-known open-source password management solution. While the Windows version isn’t the most intuitive, its extensive collection of features still makes it a top choice on our list.
The Bitwarden Windows app can easily integrate with many single sign-on providers like Azure Active Directory and Okta. Bitwarden allows you to bring in a full vault experience from your browser to your Windows environment. You can log in to up to five accounts at a time, making it easy to switch between personal and work accounts at any moment. Another popular Windows feature in Bitwarden is “unlock with biometrics,” which gives you smooth access using Windows Hello with PIN, facial recognition or any other hardware that meets Windows Hello biometric requirements.
Bitwarden earned its place as our top choice open-source password manager for Windows users due to its ability to offer most password management functions while remaining cost-effective. Bitwarden can also be self-hosted or run in the cloud, which makes it suitable for both individual and enterprise usage.
Bitwarden has two pricing options: Personal and Business.
The personal plan has three packages:
The business plan has two packages:
For more information, read our full Bitwarden review.
Keeper is an open-source password manager that prioritizes security with a zero-trust architecture and zero knowledge to protect your information and prevent cybercriminals from accessing your data.
Keeper’s Windows version offers many security features, including multi-factor authentication, SSO authentication, ‘BreachWatch’, conditional access policies, Fast IDentity Online 2, WebAuthn hardware security keys, passkeys and biometric login options like Windows Hello. Keeper also offers SSO Connect On-Prem, which is a self-hosted integration that requires a Windows-hosted application server.
We are impressed with Keeper’s transparency in making every detail of their encryption model public.
Keeper offers two pricing plans: Organizations and Personal & Family.
Organizations plan has three packages:
Personal & Family plan has two packages:
For more information, read the full Keeper review.
With its user-centered approach to password management, Enpass is a great option if you need an offline password manager that can let you store data locally or in cloud environments like Dropbox, iCloud, OneDrive or Google Drive.
Enpass opts for a safer approach by storing and syncing encrypted vaults on different cloud accounts, mitigating the risk of hackers accessing a centralized cloud full of user data. The tool can also sync between devices via Wi-Fi, maintaining your vaults entirely offline. Another important feature Windows users will find attractive is the ability to transfer passwords and other information from other applications into Enpass using a Windows PC. Enpass also offers breach monitoring, password generation, password audit and autofill via extension.
Aside from making its source code open, Enpass made our list for its offline management capability and the ability to sync encrypted vaults across a user’s different cloud accounts.
Enpass offers two payment options: Personal/Family and Business plan.
Personal/Family plan has the following packages:
Business plan has the following packages:
For more information, read our full Enpass review.
Just like Enpass, Proton Pass is an open-source tool that offers offline functionality, which ensures users have access to their vault anytime without needing an internet connection.
Proton Pass has a smooth user experience that seamlessly integrates with the Windows operating system. The tool also connects with ProtonMail, a feature that enables users to generate email aliases for online accounts by substituting their actual email addresses. The free tier of Proton Pass offers unlimited password storage across unlimited devices. One unique Windows security feature of this open-source tool is Sentinel, which blocks attackers from gaining access to your data, even if the attackers have the correct password. Sentinel is available with the paid version of Proton Pass.
We picked Proton Pass because of its unlimited password storage and the ability to protect user data via its Sentinel feature.
Proton Pass has free and paid plans.
The paid plan has two packages: Pass Plus and Proton Unlimited.
KeePass is a password manager that offers a completely free service for its desktop users. While the password manager falls short on many features, its open-source nature makes it easier for users to customize any feature they want via the KeePass plugin architecture. This library of plugins and extensions makes it easier to add or modify a feature or functionality, such as adding autofill or changing the interface.
One unique feature of this password manager is that it can be carried on a USB stick and runs on Windows systems without being installed. The Windows dashboard also allows you to create, modify and delete groups, into which passwords can be sorted.
KeePass made our listing due to its affordability for any Windows user. Most of its open-source competitors, like Bitwarden and Proton Pass, that have free versions are not completely free — their free plans are limited in features compared to their paid counterparts.
KeePass is completely free, with no paid tiers or subscriptions. However, most of the password management features that make for a good Windows experience aren’t included by default. Because KeePass is open source, though, you can customize your KeePass client via plugins downloadable from the KeePass site.
For more information, read the full KeePass review.
Passbolt is an open-source password manager designed for team collaboration, offering a comprehensive set of features in its Windows version. Designed with teams in mind, it offers real-time password sharing, role-based access control and nested permissions for its shared passwords. You can easily retrieve, store and share passwords programmatically with the JSON API on Passbolt Windows.
Passbolt offers a good user management capability by allowing you to remove seats or enforce security policies for all users. Its SSO integration, event logs and account recovery options are also tailored for business environments.
We selected Passbolt in our listing because of its scalable password collaboration among team members — plus its self-hosted, API-centric, privacy-focused and developer-first approach.
Passbolt pricing is based on either cloud or self-hosted.
Both cloud and self-hosted pricing offer similar packages, except the self-hosted option offers a free plan that supports unlimited users.
While open-source password managers are known for their transparency in revealing their source code, their capabilities and use cases may vary. You have to consider your business needs before picking a password manager.
For instance, if your business needs a password manager that offers zero-trust and zero-knowledge security architecture, while still maintaining an open-source nature, then Keeper can be a good pick. If team collaboration is your primary need, then Passbolt or Bitwarden should be a nice choice, as their Windows apps are designed with teams in mind.
Also, check if the password management features solve your specific needs and can fit into your existing stack. If you’re a Windows user, make sure the client’s app supports your Windows version.
To curate this list of the best open-source password managers for Windows, I conducted comprehensive research and evaluation of each product. I checked each manager’s security features, user interface, team collaboration, ease of use, community support and storage options. I had hands-on testing of Passbolt, Keeper and Bitwarden on my Windows PC, during which I evaluated their setup processes, user interface, password generation capabilities, hosting options and integration with third-party SSO. I also watched video demos and read documentation provided on each vendor’s website to understand what the clients said about their features.
Lastly, I went through different external reviews to gain insight into what users are saying about each product.