Navigation Menu

Skip to content


Folders and files

Last commit message
Last commit date

Latest commit


Repository files navigation


Web-based, multi-user, secure password safe/manager with delegated access controls

Open-source, web-based secure password safe for the enterprise that supports multiple users with delegated access controls. Simple to use, manage passwords and other sensitive secrets centrally in a secure database with industry standard pluggable strong encryption. Multiple users and groups can be added using pluggable authentication/authorization and role-based access controls. Fine-grained access controls can be defined on passwords to share with other authorized users in view only, view and update, or delegated granting modes. Reusable permission templates can be defined. Ability to organize passwords using friendly tags. Configurable strong password generation tool. Full audit trail of all password access events, many useful and configurable reports, as well as pluggable modules for external logging all audit events. History of old passwords can be kept. Exports can be done for disaster recovery purposes. Password retrieval also exposed via Web Services for automated processes.


  • 2015/05/22 Moved project from Google Code to Github, start your pull requests!

  • 2013/07/07 Release v1.3 now available! Download the latest version on the left.

  • 2012/05/31 Patch release v1.2.1 for Java web containers (Glassfish/Jetty) having issues with CSRF protection.

###New to WebPasswordSafe?

Code license: GNU GPL v2

Labels: gwt, security, password, safe, encryption, java, web, tomcat, gxt, multiuser, hibernate, j2ee, webservice, ajax, esapi

Follow on social media: Twitter Facebook Google+


The official WebPasswordSafe - web-based, multi-user, secure password safe/manager with delegated access controls






No packages published