Psono is an open-source, self-hosted password manager and secrets vault designed for enterprises and DevOps teams. It provides encrypted credential storage, team sharing capabilities, audit logging, and access policies. Built on a Python/Django stack with client-side encryption, Psono ensures that sensitive data never leaves your infrastructure unencrypted.
Latest Stable Version: v15.x (2025) | License: Apache 2.0 | Downloads: 2+ million
Psono stands out in the secrets management landscape with its multi-level encryption approach, combining client-side encryption, end-to-end encryption for sharing, SSL/TLS transport encryption, and storage encryption. The platform is developed by esaqa GmbH (Germany) and maintains a strong security focus with annual third-party audits.
| Feature | Description |
|---|---|
| Client-Side Encryption | Data encrypted in the browser/client before sending to server |
| End-to-End Sharing | Encrypted password sharing between team members |
| Multi-Level Encryption | Client-side + E2E + SSL + Storage encryption layers |
| PyNaCl Cryptography | Industry-standard cryptographic library (NaCl/libsodium) |
| Passkey Support | FIDO2/WebAuthn passkey authentication (since 2024) |
| Two-Factor Authentication | TOTP, U2F, and YubiKey support |
| Feature | Description |
|---|---|
| Shared Folders | Organize credentials in team-accessible folders |
| Group Permissions | Granular access control via user groups |
| Audit Logs | Complete history of access and modification events |
| API Keys | Programmatic access for automation and integrations |
| File Repository | Secure file storage alongside credentials |
| Emergency Access | Break-glass procedures for critical accounts |
| Platform | Support |
|---|---|
| Desktop | Linux, Windows, macOS (native apps) |
| Mobile | iOS, Android (Flutter-based apps) |
| Browser | Chrome, Firefox, Edge extensions |
| Web Client | Browser-based access |
| Admin Portal | Web-based administration |
| Architecture | x86_64, ARM64 (since Nov 2023) |
Centralized credential storage for organizations with strict data residency requirements. Keep all passwords within your network perimeter while enabling secure team collaboration.
Store API keys, database credentials, SSH keys, and service account tokens. Integrate with CI/CD pipelines via API for automated secret retrieval during deployments.
Share credentials across teams without exposing plaintext passwords. Define granular permissions and maintain audit trails for compliance requirements.
Meet regulatory requirements (GDPR, ISO 27001, HIPAA) by hosting sensitive credentials on-premise. Annual security audits by Cure53, X41, and Trovent validate security posture.
| Component | Technology |
|---|---|
| Backend | Python 3, Django framework |
| Database | PostgreSQL (recommended), MySQL |
| Frontend | JavaScript, modern web frameworks |
| Deployment | Docker, Docker Compose, Kubernetes-ready |
| Web Server | Nginx, Apache (reverse proxy) |
| Client | Technology | License |
|---|---|---|
| Desktop App | Native (Linux, Windows, macOS) | Apache 2.0 |
| Mobile Apps | Flutter (iOS, Android) | Apache 2.0 |
| Browser Extensions | Chrome, Firefox, Edge | Proprietary |
| Web Client | Modern JavaScript | Proprietary |
| Resource | Minimum | Recommended |
|---|---|---|
| CPU | 2 cores | 4+ cores |
| RAM | 2 GB | 4-8 GB |
| Storage | 10 GB | 50+ GB (SSD) |
| OS | Debian 10+, Ubuntu 20.04+, RHEL 9+ | Debian 12, Ubuntu 22.04+ |
| Version | Status | Release Date | Notes |
|---|---|---|---|
| v15.x | Current Stable | 2025 | Latest production release |
| v14.x | Stable | 2024 | Passkey support added |
| v13.x | Stable | 2023 | ARM64 architecture support |
| v12.x | Legacy | 2022 | Mobile app improvements |
💡 Latest Release Hint: The
latestDocker tag may not always point to the most recent version. Check GitLab releases and specify explicit version tags (e.g.,psono/psono-server:15.1) for production deployments.
| Aspect | Status |
|---|---|
| Development | Active (GitLab canonical repository) |
| Security Audits | Annual audits (Cure53 2025, X41 2024, Trovent 2023) |
| Certifications | ISO 27001 certified (Sep 2025) |
| Community | Active Discord community, GitLab issues |
| Docker Images | Available (Alpine & Debian variants) |
| ARM64 Support | Available (since Nov 2023) |
For a quick test deployment:
# Clone the repository
git clone https://github.com/psono/psono-server psono
cd psono
# Start with Docker Compose
docker compose up -d
⚠️ Warning: The quickstart script and default Docker Compose are for demo purposes only. For production deployments, follow the detailed setup guides with proper security hardening, backup strategies, and TLS configuration.
Any questions?
Feel free to contact us. Find all contact information on our contact page.