Password managers for shared vaults and credential sharing

Shared credentials are one of the most common and least managed security risks in households and small teams. The Wi-Fi password written on a sticky note, the Netflix login texted over iMessage, the team Slack account sent over email — these exist in plaintext in multiple places with no access control, no audit trail, and no way to revoke access when needed.

Password managers solve this at two levels: secure storage with granular permissions, and sharing mechanisms that don't require the recipient to have the same app or account. The sharing models differ significantly between providers.

Quick answer

You need to share credentials with people who don't have an account

Keeper — One-Time Share sends an encrypted credential link to anyone; no account required on recipient's side

You want shared family vault at the lowest cost

Bitwarden — Families plan at $40/year for 6 users with shared organisation collections

You want the strongest privacy for shared items

Proton Pass — shared vault items have full metadata encryption; URL data encrypted even in shared context

When it matters

Bitwarden — shared organisation collections with role-based permissions (view, edit, manage). Free personal sharing limited to 2 users; Families and Teams plans for broader sharing
Keeper — record-level and folder-level sharing with granular permissions. One-Time Share generates a time-limited encrypted link for external sharing without recipient account
Dashlane — sharing with other Dashlane users; recipient must have an account. No external/link-based sharing
LastPass — shared folders on Teams and Business plans; recipient must have a LastPass account
NordPass — sharing with other NordPass users on Premium; no external sharing
Proton Pass — vault sharing and secure link sharing (recipient does not need a Proton account)

When it fails

Shared credentials can be read by everyone with access — there is no way in most managers to share a password while preventing the recipient from reading it; the credential is either accessible or not
Revoking shared access — removing a person's access to a shared collection doesn't change the credentials themselves; if they memorised or stored the password externally, revocation doesn't close that path
One-Time Share links have an expiry — Keeper's external sharing links expire after a configured time. Persistent access requires the recipient to create an account

How providers fit

Keeper provides the most complete sharing architecture in this comparison. One-Time Share for external recipients without accounts, plus granular in-vault sharing permissions. Appropriate for teams with contractors or families with members who won't install an app.

Bitwarden provides the best value shared vault for families and small teams. Collection-based permissions, Families plan for $40/year, and Bitwarden Send for encrypted file/text sharing with external parties.

Proton Pass provides encrypted sharing that extends metadata protection to shared items — URLs and titles remain encrypted even in shared context.

Bottom line

Keeper for the most flexible sharing including external recipients without accounts. Bitwarden for the best value family and team shared vault. Most providers require the recipient to have an account on the same service — if external sharing matters, that limitation should be evaluated before choosing.

Password managers for families Password managers for small teams Password managers with emergency access