AGPLv3 Rust Bitwarden-compatible server by Daniel García (Spain), self-host-only, no company, no telemetry — clean 5/5 when run on EU infrastructure.
Score: 5.0 | From: — | CLOUD Act: none
US-incorporated open-source password manager (Florida/Santa Barbara). GPL self-host option.
Disclosure: Some links on this site are affiliate links. We may earn a commission at no extra cost to you. Compliance scores and editorial rankings are never influenced by affiliate relationships.
Listed for transparency. Every product on this page is benchmarked against this baseline.
All 9 alternatives ranked by compliance score, benchmarked against Bitwarden.
| Product | Country | Score | Cert. | Pricing |
|---|---|---|---|---|
| Bitwarden (benchmark) | US | 1.0/5 | SOC 2; no EU framework | Freemium |
| Vaultwarden | Spain | Verified signals: Jurisdiction, Transparency | — | Free |
| Proton Pass | Switzerland | Verified signals: Jurisdiction, Transparency | — | Freemium, €2 / mo |
| Psono | Germany | Verified signals: Jurisdiction, Transparency | — | Freemium, €0 / mo |
| Passbolt | Luxembourg | Verified signals: Jurisdiction, Transparency | SOC 2 | Freemium, €5 / mo |
| KeePassXC | Germany | Verified signals: Jurisdiction, Transparency | — | Free |
| Uniqkey | Denmark | Verified signals: Jurisdiction, Transparency | ISO/IEC 27001 | Paid |
| Padloc | Germany | Verified signals: Jurisdiction, Transparency | — | Freemium, €3 / mo |
| NordPass | Lithuania | Verified signals: Jurisdiction, Transparency | ISO/IEC 27001, SOC 2 | Freemium, €2 / mo |
| pCloud Pass | Switzerland | Verified signals: Jurisdiction, Transparency | — | Freemium, €30 / mo |

Ownership: where ultimate control over the operating company sits.
CLOUD Act exposure: how exposed customer data is to US authorities under the CLOUD Act.
Ranked by feature parity + compliance score. Migration friction is weighted higher than feature breadth.
AGPLv3 Rust Bitwarden-compatible server by Daniel García (Spain), self-host-only, no company, no telemetry — clean 5/5 when run on EU infrastructure.
Swiss zero-knowledge password manager (Proton AG / Proton Foundation), open-source apps + extensions, Cure53-audited, free unlimited tier.
German Apache-2.0 open-source team password manager (esaqa GmbH), self-hostable on EU infrastructure, Cure53-audited 2026, free up to 10 users.
For every product we read the public DPA, sub-processors document, hosting region declaration, and corporate ownership records. Each is timestamped. Compliance score is editorial, re-verified quarterly. We never accept self-attestation.
Reviewed by the EU Vetted editorial team