US-incorporated password manager, owned by GoTo (US PE: Francisco Partners + Elliott Management).
DISCLOSURE Some links on this site are affiliate links. We may earn a commission at no extra cost to you. Compliance scores and editorial rankings are never influenced by affiliate relationships.
Listed for transparency. Every product on this page is benchmarked against this baseline.
US-incorporated password manager, owned by GoTo (US PE: Francisco Partners + Elliott Management).
All 9 alternatives ranked by compliance score, benchmarked against LastPass.
| Product | Score | Owner | CLOUD Act | Cert. | Pricing | Action |
|---|---|---|---|---|---|---|
|
LastPass
benchmark · US
|
1.0/5 | OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
SOC 2 no EU framework |
Freemium | your current |
|
Passbolt
Luxembourg
|
VERIFIED SIGNALS
Jurisdiction
Transparency
|
OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
SOC 2
|
Freemium
€5 / mo
|
View profile → |
|
Proton Pass
Switzerland
|
VERIFIED SIGNALS
Jurisdiction
Transparency
|
OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
— |
Freemium
€2 / mo
|
View profile → |
|
Psono
Germany
|
VERIFIED SIGNALS
Jurisdiction
Transparency
|
OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
— |
Freemium
€0 / mo
|
View profile → |
|
Vaultwarden
Spain
|
VERIFIED SIGNALS
Jurisdiction
Transparency
|
OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
— | Free | View profile → |
|
KeePassXC
Germany
|
VERIFIED SIGNALS
Jurisdiction
Transparency
|
OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
— | Free | View profile → |
|
Uniqkey
Denmark
|
VERIFIED SIGNALS
Jurisdiction
Transparency
|
OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
ISO/IEC 27001
|
Paid | View profile → |
|
Padloc
Germany
|
VERIFIED SIGNALS
Jurisdiction
Transparency
|
OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
— |
Freemium
€3 / mo
|
View profile → |
|
pCloud Pass
Switzerland
|
VERIFIED SIGNALS
Jurisdiction
Transparency
|
OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
— |
Freemium
€30 / mo
|
View profile → |
|
NordPass
Lithuania
|
VERIFIED SIGNALS
Jurisdiction
Transparency
|
OWNERSHIP
Where ultimate control over the operating company sits.
|
CLOUD ACT EXPOSURE
How exposed customer data is to US authorities under the CLOUD Act.
|
ISO/IEC 27001
SOC 2
|
Freemium
€2 / mo
|
View profile → |
Ranked by feature parity + compliance score. Migration friction is weighted higher than feature breadth.
Luxembourg-incorporated AGPLv3 open-source team password manager (Passbolt SA), SOC 2 Type II, self-hostable, used by LU/FR government.
Swiss zero-knowledge password manager (Proton AG / Proton Foundation), open-source apps + extensions, Cure53-audited, free unlimited tier.
German Apache-2.0 open-source team password manager (esaqa GmbH), self-hostable on EU infrastructure, Cure53-audited 2026, free up to 10 users.
For every product we read the public DPA, sub-processors document, hosting region declaration, and corporate ownership records. Each is timestamped. Compliance score is editorial, re-verified quarterly. We never accept self-attestation.
Reviewed by the EU Vetted editorial team · Editorial guidelines