PassaPassa helps professionals securely store, organize, generate, and reuse passwords, OTPs, cloud logins, test accounts, admin credentials, client portals, and everyday sign-ins directly from the browser.
No card required. First 500 users get 3 months of Pro free. Pro is $0.99/month after launch when billed yearly.
Features
Built for people who need fast browser access to many credentials without giving up privacy, control, or clarity.
AES-256-GCM with PBKDF2 at 600,000 iterations. Your vault is encrypted on your device before it goes anywhere. Passa does not have the keys needed to decrypt your passwords.
Sync via Google Drive or Dropbox - storage you already own. Passa never hosts your vault on a proprietary server. No vendor lock-in, no single point of failure, no subscription required to access your own data.
Detects common login forms and helps fill username, password, account ID, and tenant fields where supported. Built for repeated login flows testers, developers, and operators hit all day.
Store TOTP secrets when convenience matters, copy current codes from the vault, and fill detected MFA fields where supported. A separate authenticator app is still the stronger 2FA setup.
Sync your encrypted vault across devices through your own cloud storage. A conflict-resolution engine with tombstone support helps preserve changes when edits happen in more than one place.
Set your vault to lock automatically after a period of inactivity. Your session key is kept in browser session storage rather than persistent disk storage. Close the browser and your vault locks itself.
When sync changes happen in more than one place, Passa helps preserve edits and gives you review paths instead of silently overwriting your vault.
Organise credentials into folders, search and sort your vault, and import compatible CSV files with standard URL, username, and password columns.
Use cases
Passa is focused on the browser moments where credentials are created, stored, copied, filled, reset, and reused during real work.
Software testers
Store QA users, staging credentials, admin roles, demo logins, customer scenarios, and repeated registration flows in one searchable vault.
Developers
Organize internal tools, local apps, API dashboards, database panels, CMS logins, and environment-specific credentials without dumping secrets into notes.
DevOps professionals
Keep AWS, Azure, GCP, server panels, root accounts, IAM users, recovery notes, and break-glass credentials easier to identify and reuse.
Freelancers and consultants
Save client portals, hosting accounts, domain registrars, analytics tools, CMS dashboards, and payment portals without relying on spreadsheets.
Founders and solo operators
Bring SaaS tools, business email, social accounts, payment processors, cloud platforms, and admin dashboards into a cleaner browser workflow.
Power users
Use Passa for everyday sign-ins, alternate accounts, secure notes, generated passwords, and quick autofill across supported desktop browsers.
How it works
No servers to configure. No migration headaches. Install, connect your cloud, and you're protected.
Add Passa to Chrome or Firefox in seconds from the browser store. Create your account with a strong master password - it is hashed on your device and never transmitted in plaintext.
Your master password is the only key. We never see it, store it, or recover it.
Choose Google Drive or Dropbox as your sync provider when you want cross-device access. Passa writes an encrypted vault file to your storage. You keep control of the place where your vault lives.
passa_vault.encrypted lives in your cloud. Switch providers or export any time.
Log in to a supported website and Passa offers to save your credentials. One click captures the login, encrypts it locally, and keeps it ready to sync when Pro sync is enabled.
Save usernames and passwords from supported forms. Add account fields or TOTP secrets manually when needed.
Passa detects common login forms and fills saved credentials in one click. Use the Passa button on a field or trigger autofill from the extension popup.
Your local vault remains accessible and exportable even if Pro is not active.
Security
Zero-knowledge means your master password never leaves your device. Your vault is encrypted before it touches any network. Your cloud provider stores a file it cannot read. Passa's servers store nothing about your vault.
Your session key lives only in memory. Close your browser - it's gone. Set a timeout and your vault auto-locks after inactivity. Even if someone gains physical access to your device, your vault remains encrypted at rest.
If your cloud vault file is exposed, it is still encrypted ciphertext. Without your master password, Passa should not be able to decrypt it, and neither should your cloud provider.
Passa follows the same broad zero-knowledge principle used by established password managers, with one key difference: your vault never lives on our servers at all.
Sync packages include an HMAC-SHA256 ownership signature where supported, helping Passa detect cloud files that do not belong to your account.
Under the hood
The features most password managers don't talk about - but should.
Your vault is stored encrypted on your device first. Cloud sync is optional and writes encrypted data to storage you connect.
When you copy a password, the clipboard is automatically cleared on a timer. No lingering credentials in your clipboard after you're done.
5 failed unlock attempts trigger exponential backoff. 10 failed attempts lock the vault for 30 minutes, slowing repeated guessing attempts.
The Passa button injected into password fields runs in Shadow DOM isolation, which helps keep extension UI separate from the page around it.
Export all your data or permanently delete everything - on demand, verified by your master password. Full data portability, no hoops to jump through.
Right-click any input field and generate a strong password directly into it via the browser context menu. No need to open the extension popup.
Pricing
First 500 users get 3 months of Pro free. After that, Pro is $0.99/month when billed yearly, with a limited lifetime launch option.
For local, private password management.
Full Passa Pro access for less than $1/month.
Billed as $11.88/year
One payment for Passa Pro password manager updates.
Launch lifetime price
First 500 users get 3 months of Passa Pro completely free - no card required. After launch, Pro is $0.99/month when billed yearly.
Your local vault remains accessible even if Pro expires. Lifetime Pro covers future updates to Passa's current Pro password manager features, excluding separate future products or enterprise plans.
FAQ
Your master password never leaves your device. The vault is encrypted locally using AES-256-GCM before any data is stored or synced. Passa's servers receive only a bcrypt hash of a client-derived password hash - never the plaintext password, encryption keys, or vault contents.
On your device (encrypted in IndexedDB) and in a single encrypted file in your Google Drive or Dropbox - whichever you connect. Passa's servers store only your account authentication data. The vault itself never touches our infrastructure.
Bitwarden and 1Password both store your encrypted vault on their own servers. Passa stores it in your Google Drive or Dropbox - cloud storage you already own and control. Even if Passa shuts down tomorrow, your encrypted vault file stays in your cloud and remains yours. There is no proprietary server dependency.
We cannot recover your vault - by design. Zero-knowledge means we hold no key that could decrypt it. This is intentional: it also means no court order or data breach on our end can expose your passwords. We strongly recommend using a memorable passphrase and noting your recovery approach somewhere secure.
Passa is currently a browser extension for Chrome and Firefox on desktop. Browser extension APIs on iOS Safari and Android are more limited, but mobile support is on our roadmap. In the meantime, you can access your vault on any desktop browser where the extension is installed.
Passa supports compatible CSV imports with standard URL, username, and password columns, including many browser exports. Some password managers use custom CSV formats, so compatibility can vary.
Passa derives a sync key locally from your master password and email, re-encrypts your vault with it, and uploads a single file to your chosen cloud. On another device with the extension installed and the same account, it downloads and decrypts that file locally. You can sync through the extension, and Passa helps review conflicts when edits happen on multiple devices.
Yes, with a security tradeoff. Passa can store TOTP secrets, show current codes, and help fill detected MFA fields where supported. Keeping TOTP in a separate authenticator app remains stronger because it separates your second factor from your passwords. TOTP support is a Pro feature.
Not yet as a public feature. The extension is focused today on encrypted local storage, autofill, import/export, folders, and optional user-owned cloud sync. Breach checks are something we may add once they are ready to ship clearly and safely.
Yes, always. Export your full vault as JSON or CSV at any time from settings - verified by your master password. Your encrypted vault file also sits in your own Google Drive or Dropbox, so your data is never held hostage. No lock-in, ever.
The first 500 users get 3 months of Passa Pro free with no card required. After that, you can choose annual Pro or Lifetime Pro. If you do not upgrade, your local vault remains accessible and exportable; Pro features such as cross-device sync and TOTP autofill may stop until Pro is active again.
Lifetime Pro is a one-time purchase for Passa's current Pro password manager features, including future updates to those features. It does not automatically include separate future products, enterprise plans, or third-party service costs if those are introduced later.