Open Source Tools

Open Source Password Protection

These are defensive tools, not vaults - they exist to tell you which credentials are already exposed, weak, or banned, and that only works if you can run them against your own users and password data without shipping any of it out. The open source tools here do the breach checking, directory password filtering, and exposure auditing entirely inside your environment, so finding leaked credentials never means handing them to a third party.

6 password protection100% OSI-approved licensesUpdated June 2026
Showing 1-6 of 6
SuperTokens logo

SuperTokens

SSO
15.1k

Open-core user authentication with login, session management, and on-premises control of user data

OtherJavaSelf-host

pwnedOrNot

Password Protection
2.6k

OSINT tool for checking breached email accounts and searching public dumps for passwords

MITPythonSelf-host

xkcdpass

Password Generator
1.4k

Flexible, scriptable passphrase generator inspired by XKCD 936

BSD-3-ClausePython
haveibeenpwned-downloader logo

haveibeenpwned-downloader

Password Protection
1.2k

CLI tool that downloads all Pwned Passwords hash ranges for offline checks without the k-anonymity API

BSD-3-ClauseC#
Lithnet Password Protection logo

Lithnet Password Protection

Password Protection
568

Active Directory password filter for breached password checks and custom complexity rules

MITC#Self-host
XposedOrNot logo

XposedOrNot

Password Protection
80

Open-source API for real-time data breach monitoring and email exposure alerts

MITPythonSelf-host

Related categories

Password Manager10Password Generator10SSO13Privileged Access Management11MDM4