Psono

Psono is a self-hosted team password manager built around multi-layer client-side encryption. Credentials are encrypted locally on the user’s device before they are transmitted to the server, which means the server stores only ciphertext. The model is similar to Passbolt’s OpenPGP approach but uses a different cryptographic architecture, layering client-side encryption with SSL in transit and storage-level encryption at rest.

The pricing structure is what makes Psono stand out in a crowded category. There are two self-hosted tiers. The Community Edition is free, unlimited users, and open source under Apache-2.0 — covering password management, sharing, and MFA. The Enterprise Edition adds LDAP provisioning, SAML and OIDC single sign-on, audit logging, and compliance policy enforcement, and it is free up to 10 users. For a small team that needs SSO and audit trails, that is a meaningful offer that Passbolt and Vaultwarden do not match at the same price.

Client access is comprehensive. Browser extensions cover Chrome, Firefox, and Edge. Mobile apps are available for iOS and Android. Desktop apps run on Windows, macOS, and Linux. The web client works in any browser without an extension. Teams that need consistent access across a mix of devices and platforms can deploy Psono once and cover the entire fleet.

The GitHub star count (100) is notably low for a tool with over 2 million Docker image downloads and a 4.7/5 rating on G2. The project is split across multiple repositories and has historically been less visible in the self-hosted community than Passbolt or Vaultwarden. The low star count makes it harder to gauge development momentum and community health from the outside.

For teams with 11 to 24 users, there is a pricing gap — the EE free tier caps at 10 users and the Business tier requires a minimum of 25. Teams in that range would need to move directly to the Business plan at $3/user/month.

Psono: Pros & Cons