Frequently asked questions

If I save a password from Passlette into my own manager, is that okay?

Yes, and it's encouraged. Passlette holds the group's shared credentials. If you want to save one to 1Password or Bitwarden or wherever for quick access, go for it. Just remember that your copy is a snapshot — if the group updates the credential in Passlette, your copy won't automatically update.

Can I use Passlette as my personal password manager?

You can create a group just for yourself and store whatever you want in it. But Passlette is built around the sharing model, so it's a bit awkward as a solo tool. If you want a personal password manager, something like Bitwarden (free, open source) is going to serve you better.

What are the different roles?

There are three: Admin can do everything — invite people, grant or revoke access, change roles, and add/edit/delete vault entries. Read & write members can add, edit, and delete vault entries but can't manage membership. Read only members can view and copy credentials but can't make any changes to the vault. When you grant someone access after they accept an invite, you choose which role they get.

What can I store in a vault entry?

Each entry has a name, username, password, and notes. Notes support Markdown formatting, so you can include headers, links, or structured instructions. You can also store a TOTP secret — Passlette will display a live one-time code that refreshes every 30 seconds, so you can use it directly from the vault without a separate authenticator app.

What if the only admin in a group leaves or loses their account?

Members keep access to the vault, but nobody can invite new people or manage roles without an admin. If the sole admin deletes their account through Passlette — including via the Can't log in? recovery flow — they're required to promote another member to admin first, so the group isn't left without one. The group only gets truly stranded if an admin becomes permanently unreachable without going through that flow. For any active group, it's worth keeping at least two admins.

Does Passlette support two-factor authentication?

Yes. You can enable TOTP-based two-factor authentication from your account settings. Once enabled, signing in requires your master password plus a time-based code from an authenticator app (Google Authenticator, Authy, 1Password, etc.). This protects your Passlette account independently of the zero-knowledge encryption that protects your vault contents.

If I remove someone from a group, do they lose access to the passwords?

They immediately lose access to the vault in Passlette. But if they previously saved any of those passwords in their own password manager, those copies still exist — there's no way for Passlette to reach into someone else's device and delete anything. If you're removing someone and access truly matters, rotate the credentials they had access to.

What if I forget my Passlette password?

There's no password reset — your encryption key is derived from your password and never leaves your browser, so there's nothing for us to reset. Instead, use the Can't log in? link on the sign-in page. It sends a deletion link to your email address, then guides you through deleting your account and re-registering with the same email. After that, any group admin can re-grant you vault access. Treat your Passlette password like any important password — store it somewhere safe.

Can Passlette staff read my vault?

No. Passlette uses zero-knowledge encryption — your passwords are encrypted in your browser before leaving your device. The server stores only ciphertext it cannot read. We have no mechanism to access your vault contents even if compelled. Full security details →