PassHub for Business

Making convenient collaboration secure

In today’s world domineered by usernames and passwords, businesses need to share credentials and files with internal employees and external customers quickly and easily. But sharing can’t come at the expense of security.

That’s why we created PassHub for Business.

Combining client-side encryption with intuitive data sharing, PassHub for Business is a dedicated platform for secure collaboration.

Start my free 30-day trial

PassHub enables your business to

Leverage multi-factor authentication and zero-trust architecture to secure your most sensitive data

  1. Enforce security with password-less multi-factor authentication as the only access method

  2. Eliminate potential for insider threats with client-side encryption so even administrators cannot access user data

  3. Protect critical IT assets, e.g. credentials and SSL certificates

Securely store business credentials, notes and files

  1. Organize your data with PassHub Safes--top-level folders and subfolders

  2. Search and find records with our robust search tool

  3. Generate strong passwords according to your business requirements

  4. Backup/restore your data

Collaborate with team and clients

  1. Share individual safes with team members, partners, and clients

  2. Use granular access to keep all information on a need-to-know basis

Manage user access

  1. Across the entire PassHub service:

    Invite users to PassHub

    Track user activities

    Delete user accounts

  2. Within each PassHub safe:

    Assign roles to safe users (read only, editor, admin)

    Revoke user access to the safe, while maintaining access for your organization

Migrate from KeePass

  1. Import your KeePass data to finally start sharing business credentials and files (e.g. SSL certificates) with your team

  2. Export your PassHub data for backup in your cloud

Flexible Deployment Options to fit Any Environment

PassHub for Business is available as a self-hosted or SaaS PassHub

Self-hosted PassHub

Deployed on your company’s servers, this option gives you full control over PassHub source code and sensitive user data.

Full-featured server installation including SMTP server, SSL certificates, distributed MongoDB database, general security protection, updates and support.

PassHub for Business is an open source project which itself is free for you to use within your organization’s own infrastructure. However, to make PassHub work, you will need a subscription to the WWPass Authentication Service.

Get the source code from GitHub

Saas PassHub

Passhub for Business may also be deployed as a SaaS version, hosted by Passhub.net. This approach eliminates the burden of server configuration and support, while still letting you control user accounts on the company’s PassHub account.

To get a dedicated SaaS PassHub for your business at a domain of your choice, but have us host it, is $100/month for unlimited users plus 500GB of storage.

Start my free 30-day trial

Tailored PassHub

Customized features to meet the unique needs of your organization

Contact Us

Why choose PassHub for Business

Client-side encryption (AES-256-GCM and RSA-2048)

Strong multifactor authentication with no master password

Unlimited storage and sharing

Easy sharing between team members

Compatible with any device without requiring software installation

Automatic synchronization between team members and all user devices

Installed on corporate servers, keeping server code under full enterprise control

Compatible with KeePass

Frequently Asked Questions (FAQ)

Does PassHub support multifactor authentication?

Yes, PassHub has both multifactor authentication and client-side encryption. PassHub uses 'something you have' (PassKey) as a first factor and 'something you know' (PIN) or something you are (biometrics) as a second factor.

What does authentication QR code consist of? How secure is it?

The only thing the QR code contains is a random authentication session ticket, which does not disclose any user information to attackers. This is an important difference between WWPass QR codes and QR codes used by other companies/authenticators, which often encode unnecessary and unsafe personal identifying information.

It is important to remember 3 things about QR Codes:

(1) They are just a transport tool, and how the tool is used is the most important factor regarding your security.

(2) If a company encodes things like personal identifying information or usernames in a QR code, this is both unnecessary and unsafe –WWPass does not do this; only a random authentication session ticket is used.

(3) Even if someone stole your phone with PassKey app, they can’t automatically get in everywhere just by scanning the QR code –an additional verification factor like a PIN, fingerprint or facial recognition would also be needed. Additionally you can restore your PassKey onto a new mobile device, which will instantly block the stolen PassKey.

Where is data stored?

This depends on your deployment. For self-hosted, data is stored on your servers. You can use physical servers in your datacenter, or virtual servers from cloud providers. If deployed as a SaaS, your data is stored on PassHub.net’s secured servers.

How many servers do I need to run PassHub?

For a simple, non-redundant configuration, you can use a single server. If you need high availability, you will need at least three servers.

What Database Management System (DBMS) does PassHub use?

We use MongoDB.

Can I use different DBMS?

Not with the PassHub for Business SaaS version. We selected MongoDB for its combination of efficiency and reliability. Self-hosted PassHub may be ported on other high end databases (but not on MySQL/MariaDB or other databases that do not support redundancy)

Do you use a “Master Password” to encrypt the data?

No way! Anything a human can read, type, or write on a post-it note can be easily compromised. PassHub uses WWPass technology (PassKey) to encrypt the encryption keys. No one ever has access to other users’ information, not even administrators.

Can I use PassHub without WWPass multi-factor authentication?

No. WWPass technology is necessary to ensure the security of the entire system. WWPass Passkey is used both for password-less login and client-side data encryption.

Can PassHub be accessed without internet?

No. PassHub uses WWPass, which is cloud-based.

Can I backup password data?

Of course. The entire database should be backed up regularly. These backups can be used to restore the system in case of disaster. Backups contain only encrypted data, so even if they fall into the wrong hands, no data would be compromised. Each user can backup their data in unencrypted format (100 percent compatible with KeePass). In this case, they are responsible for safeguarding their own data, since it is outside the PassHub platform.

Can I load credentials from other password managers?

Data can be imported from KeePass directly. It also can be imported as a properly formatted comma delimited text file.

How much does PassHub for Business cost?

PassHub for Business is an open source project, so you can download and install it yourself. However, to make PassHub work, you need subscription to the WWPass authentication service. This service is free for a small number of users, and for larger organizations it is priced below the cost of a typical password manager license. For more details and to subscribe, visit our pricing page.

Can employees of PassHub, WWPass, or my systems administrators ever gain access to passwords and other secret data?

Never. PassHub uses client-side encryption, so secret data gets decrypted only on each individual user’s devices (PC, tablet or phone) using that user’s private key. That private key also gets decrypted on the same device, and can not appear anywhere else. That’s the magic of WWPass technology!

Is PassHub just a password storage, or can it be used for other purposes?

PassHub is a collaboration tool, allowing users to store and share various data, including files. When one user stores data in their safe, it immediately becomes available to all other users who have access to that particular safe anywhere in the world.