Protect and share your credentials, effortlessly.
Secure team vault: store, share, and control your passwords without compromise.
- End-to-end encryption (RSA/AES)
- Granular per-user sharing
- Audit trail and access control
No credit card. Sign up in 1 minute
Access traceability: a security imperative
When passwords circulate via email, spreadsheets, or messaging apps, risk increases and control disappears.
It becomes nearly impossible to know who has access to what — and properly revoking access when a team member leaves is out of the question.
With Octopussian Passwords, you centralize and secure your credentials: strong encryption, controlled sharing, and a clear audit trail. Your private keys belong to you.
How do you manage access for team members who have left your organization? Do you know exactly who holds which password on your team?
The reality is concerning: more than 80% of internet users reuse passwords across multiple sites, and 55% rely solely on memory to manage them. When a team member leaves, informally shared credentials become a blind spot in your security.
Without the right tool, there's no way to know which accounts former team members can still access — or to effectively revoke their access.
What you get
Secure sharing
Grant access to the right people — never the wrong ones. Guests and teams included.
Control & auditability
Track who sees what and when — revoke access in one click. Access log and history included.
Overview
A clear view of accounts, owners, and delegations. You always know where the keys are.
How It Works
Store Securely
Centralize your passwords in an encrypted vault.
Organize them by category (servers, APIs, licenses) with a full edit history.
Share Effortlessly
Grant access member by member within your team.
Share on a one-off basis with an external contractor via a single-use secure link.
Control and Audit
See at a glance who has access to which password.
Identify outdated access and revoke it in one click.
Your keys belong to you
What's holding you back from adopting a password manager? The fear that a security breach could expose your sensitive data.
With Octopussian, we cannot read your passwords. You hold the only private key capable of decrypting them. Even if our servers were compromised, your secrets would remain unreadable.
- End-to-end encryption (RSA 2048 + AES)
- Hosting and backups in France (separate data centers)
- Strong authentication (TOTP, passkeys)
- Session duration control
Technical details
Your browser generates an RSA 2048-bit key pair. The private key stays on your device and is never transmitted. The public key is stored on our servers to enable sharing. Each password is encrypted with AES-256, and only your private key can decrypt it. This zero-knowledge model ensures that even Octopussian cannot access your data in plaintext.
Designed for teams that collaborate
Agencies and consulting firms
Manage access to client accounts, servers, and business tools. Share a password with an external contractor on a one-off basis without creating extra accounts. Automatically revoke access at the end of an engagement.
Technical and IT teams
Centralize API keys, server access, and sensitive credentials. Track who accessed which secret and when. Organize by project or environment (dev, staging, prod).
Small and growing businesses
Structure access management from day one. Streamline onboarding for new hires and secure offboarding for departing employees without losing control.
Tools that strengthen your security
Access summary table
See at a glance who knows which password. Instantly identify access held by former team members that hasn't been renewed.
Anti-Phishing Chrome Extension
Secure autofill and built-in generator. If no password is saved for a site, a red banner displays the domain name in plain text with distinct colors to detect phishing attempts.
How to Spot a Phishing Attempt →History and archiving
Keep previous versions of every password. Deleted passwords are archived, never lost. All changes are tracked with a timestamp and author.
Cryptographic Generator
Create strong passwords directly in the interface or via the extension. Secure random generation based on the browser's SubtleCrypto API.
Why Password Length Matters More Than Complexity →One-time external sharing
Share a password with a contractor or partner via a single-use secure link. No account required for the recipient. The link self-destructs after viewing.
Technical details
The password is AES-encrypted server-side, but the decryption key stays in the URL fragment (after the #) and is never sent to the server. The recipient decrypts it locally in their browser. Once viewed, the encrypted secret is immediately destroyed. If the link is intercepted and already used, you know the password is potentially compromised.
Categories and organization
Organize your passwords by type (servers, licenses, API keys, client accounts) to quickly find what you need.
How much does it cost?
| Plan | Price | Inclusions |
|---|---|---|
| Free | 0 € | Up to 40 passwords • multi-user sharing • lifetime |
| Passwords | 2 € HT/mois | Unlimited passwords, secure team sharing |
| Complete package | 10 € HT/mois ⭐ Recommandé |
Passwords + 9 other tools: Electronic signature, Video conferencing, Tasks, Drive,…
See all pricing → |
| ✓ Paiement annuel : 2 mois offerts | ||
FAQ
Who can read my passwords?
No one but you and the team members you share them with. Octopussian uses end-to-end encryption: you hold the only private key capable of decrypting your secrets. Even our technical teams cannot access them.
What happens when a team member leaves?
Revoke their access in one click from your team settings. The access summary table immediately shows which passwords they knew, so you can prioritize changing them.
How do I share a password with someone outside my team?
Use external sharing: generate a secure, single-use link and send it via email or messaging. Your contact doesn't need to create an account. The link is automatically destroyed after it's viewed.
Is my data hosted in France?
Yes. The database and its backups are hosted in France across two separate data centers, ensuring data sovereignty and European compliance.
Does the browser extension work on all websites?
The Chrome extension automatically fills in your credentials on most websites. If no password is saved for the site you're visiting, an alert banner appears to protect you against phishing.
To go further
Passkeys: Understanding the Alternative to Passwords
Passkeys replace passwords with a phishing-resistant cryptographic key. How they work, benefits, and limitations: the complete guide.
Read the article →Phishing: How to Recognize and Avoid Attacks
Fraudulent emails, trap SMS messages, fake websites: learn to identify phishing techniques and protect yourself effectively every day.
Read the article →Password: Why Length Matters More Than Complexity
A long lowercase password beats a short one loaded with symbols. Find out why — and how to choose a truly strong password.
Read the article →No credit card. Sign up in 1 minute
Boost your productivity starting today. Sign up and try for free.
We use your email and name
to create your Octopussian workspace.
Google may place technical cookies for this connection.
Creating your account…
We respect your privacy. Your information will not be used for any other purpose.
By signing up, you agree to our Terms and Conditions and Privacy Policy
Thank you for your trust
You will receive an email with a link to complete your registration.