Protect and share your access credentials with ease.

Secure team vault: store, share and control your passwords without compromise.

End-to-end encryption (RSA/AES)
Fine-grained sharing by user
Traceability and access control

No credit card required. Sign up in 1 minute

When passwords are circulated via email, spreadsheets or messaging apps, the risk increases and control disappears.
It's difficult to know who has access to what, and impossible to properly revoke access when an employee leaves.

With Octopussian Passwords, you can centralise and secure your secrets: strong encryption, controlled sharing and clear history. Your private keys belong to you.

What you gain

Secure sharing

Give access to the right people, never the wrong ones. Guests and teams included.

Control & traceability

Track who sees what, when, and revoke access with a single click. Access log and history included.

Overview

A clear view of accounts, owners, and delegations. You always know where the keys are.

Access traceability: a security issue

How do you manage access for employees who have left your organisation? Do you know exactly who has which password in your team?

The reality is worrying: more than 80% of internet users reuse their passwords on multiple sites, and 55% manage them solely from memory. When an employee leaves, these informally shared access rights become a security blind spot.

Without the right tool, it is impossible to know which accounts remain accessible to former team members, or to revoke their access effectively.

How it works

1 Store securely

Centralise your passwords in an encrypted vault.

Organise them by category (servers, APIs, licences) with a history of changes.

2 Share with ease

Grant access to individual members of your team.

Share on an ad hoc basis with an external service provider via a secure, single-use link.

3 Control and audit See at a glance who knows which password.

Identify obsolete access and revoke it with a single click.

Your keys belong to you

Your main obstacle to adopting a password manager? The fear that a security breach will expose your sensitive data.

With Octopussian, we cannot read your passwords. You hold the only private key capable of decrypting them. Even if our servers are hacked, your secrets remain unreadable.

[screen: screenshot showing the padlock and the words "Locally encrypted" in the interface]

End-to-end encryption (RSA 2048 + AES)
Hosting and backups in France (separate data centres)
Enhanced authentication (TOTP, passkeys)
Session duration control

Technical details

Your browser generates a pair of 2048-bit RSA keys. The private key remains on your device and is never transmitted. The public key is stored on our servers to enable sharing. Each password is encrypted using AES-256, and only your private key can decrypt it. This zero-knowledge model ensures that even Octopussian cannot access your unencrypted data.

Designed for teams that collaborate

Agencies and design offices

Manage access to clients, servers and business tools. Share a password with an external service provider on an ad hoc basis without creating an additional account. Automatically revoke access at the end of the assignment.

Technical and IT teams

Centralise API keys, server access and sensitive credentials. Track who accessed which secret and when. Organise by project or environment (dev, staging, prod).

Growing SMEs and SMBs

Structure access management from the very first employees. Facilitate the onboarding of new arrivals and secure the offboarding of departures without losing control.

Tools that strengthen your security

Access summary table

See at a glance who knows which password. Immediately identify access held by former team members that has not been renewed.

Anti-phishing Chrome extension

Secure autofill and integrated generator. If no password is saved for a site, a red banner appears with the domain name in plain text and in distinct colours to detect phishing attempts.

History and archiving

Keep previous versions of each password. Deleted passwords are archived, never lost. All changes are tracked with timestamps and author.

Cryptographic generator

Create strong passwords directly in the interface or via the extension. Secure random generation based on the browser's SubtleCrypto API.

One-time external sharing

Send a password to a service provider or partner via a secure, single-use link. No account required for the recipient. The link is destroyed after viewing.

Technical details

The password is encrypted using AES on the server side, but the decryption key remains in the URL fragment (after the #) and is never transmitted to the server. The recipient decrypts it locally in their browser. Once viewed, the encrypted secret is immediately destroyed. If the link is intercepted and already used, you know that the password is potentially compromised.

Categories and organisation

Classify your passwords by type (servers, licences, API keys, customer accounts) to quickly find what you need.

FAQ

Who can read my passwords?

No one other than you and the members of your team with whom you share them.
Octopussian uses end-to-end encryption: you hold the only private key capable of decrypting your secrets.
Even our technical teams cannot access them.

What happens if a colleague leaves the team?

Revoke their access with a single click in the team settings.
The access summary table immediately shows you which passwords they knew, so you can prioritise renewing them.

How do I share a password with someone outside my team?

Use external sharing: generate a secure, single-use link that you can send by email or messaging service. Your contact does not need to create an account. The link is automatically destroyed after viewing.

Is my data hosted in France?

Yes. The database and its backups are hosted in France in two separate data centres, ensuring sovereignty and European compliance.

Does the browser extension work on all websites?

The Chrome extension automatically fills in your login details on most websites.
If no password is saved for the site you are visiting, an alert banner will appear to protect you from phishing.

Créez votre compte gratuitement