EU Password Managers: Bitwarden vs Proton Pass vs Enpass vs NordPass
LastPass got hacked. 1Password uses AWS. Here's how European and privacy-focused password managers compare.
Read time: 8 min | Last updated: January 2026
TL;DR: Bitwarden for self-hosters and open-source fans. Proton Pass if you’re in the Proton ecosystem. NordPass for easy switching from LastPass. Enpass if you want local-only storage.
The LastPass breach in 2022 was a wake-up call. Encrypted vaults stolen. Master passwords potentially crackable with enough time.
1Password didn’t get breached. But they moved to AWS. Your vault lives on Amazon servers now, accessible under US jurisdiction.
Password managers hold everything. Email logins, bank accounts, work credentials. If there’s one thing to keep out of US cloud infrastructure, it’s this.
The Quick Comparison
| Bitwarden | Proton Pass | Enpass | NordPass | |
|---|---|---|---|---|
| Country | US (but self-hostable) | Switzerland | India (local storage) | Lithuania |
| Open-source | Fully | Fully | No | No |
| Self-hosted | Yes | No | Yes (local only) | No |
| Free tier | Yes | Yes | Trial | Yes |
| Pricing | $10/year | €48/year | $24 lifetime | €36/year |
| Zero-knowledge | Yes | Yes | Yes | Yes |
Bitwarden: The Open-Source Standard
US company, but fully open-source and self-hostable. If you don’t trust their servers, run your own.
What Makes It Different
Everything is open-source. Client code, server code, everything. Thousands of eyes on the security. And you can host it yourself if you want complete control.
What’s Good
Truly open-source. Not “trust us, it’s encrypted.” The code is public. Security researchers verify the claims.
Self-hosting option. Run Vaultwarden (community server) on your own hardware. Zero trust required.
Cross-platform everything. Browser extensions, mobile apps, desktop apps, CLI. Works everywhere.
Excellent free tier. Unlimited passwords, unlimited devices. Premium is $10/year for 2FA, file attachments, reports.
Industry-respected. Recommended by security professionals. Regular audits published.
What’s Not
US jurisdiction. If you use their hosted service, data is on US servers.
Interface is functional, not beautiful. Gets the job done, but won’t win design awards.
Organization features cost. Teams and sharing require paid plans.
Best For
- Security-conscious users who want verifiable claims
- Self-hosters wanting complete control
- Anyone on a budget (free tier is great)
- Migrating from LastPass or 1Password
Proton Pass: Swiss Security Meets Password Management
From the makers of ProtonMail. Same zero-knowledge approach applied to passwords.
What Makes It Different
Proton’s track record. Same company that built ProtonMail and Proton VPN. Swiss jurisdiction. Zero-knowledge proven over a decade.
What’s Good
Proton ecosystem. One account for email, VPN, Drive, Calendar, and Pass. Seamless.
Email aliases built-in. Generate random email addresses for signups. Hide your real email, reduce spam.
Hide-my-email feature. Create unlimited email aliases that forward to your inbox.
Swiss privacy. Not just encryption. Swiss laws protect against foreign data requests.
Open-source. All apps are open-source and audited.
What’s Not
Newer product. Launched 2023. Less mature than Bitwarden or 1Password.
Ecosystem lock-in. Best with Proton apps. Less compelling standalone.
Limited features. Basic password management. No advanced sharing or organization tools yet.
Price. €48/year for Pass Plus. More expensive than Bitwarden.
Best For
- Existing Proton users (Mail, VPN)
- Those who want email aliases integrated
- Swiss jurisdiction priority
- Privacy maximalists
Enpass: Local Storage Only
Indian company, but here’s the twist: they store nothing. Vaults live on your devices or your own cloud.
What Makes It Different
No Enpass servers involved. Your vault syncs through your own cloud (iCloud, Dropbox, Google Drive, OneDrive, or WebDAV). They never see your data.
What’s Good
You control storage. Put your vault on iCloud for Apple devices. Google Drive for Android. Self-hosted WebDAV for paranoia. Your choice.
One-time purchase option. $24 for lifetime access. No subscriptions.
Feature-rich. Watchtower for breach alerts, tags for organization, multiple vaults.
Cross-platform. Everything works. Desktop apps are native, not Electron.
What’s Not
Trust your sync provider. If you use iCloud, that’s still US jurisdiction. Enpass encrypts, but the file lives on Apple servers.
Not open-source. You’re trusting Enpass’s encryption implementation.
Desktop apps cost. Free tier is mobile-only. Desktop requires premium.
Smaller community. Fewer extensions, less third-party support.
Best For
- Users who want local-first storage
- Those who prefer one-time payments
- iCloud/Google Drive users who want encryption layer
- Privacy-conscious who distrust all cloud password managers
NordPass: From the VPN Company
Lithuanian company behind NordVPN. Entered password management in 2019.
What Makes It Different
NordSec’s scale. Large company, resources for security investment, EU jurisdiction.
What’s Good
EU-based. Lithuania. Full GDPR compliance. No US jurisdiction concerns.
Polished apps. Clean interface, fast performance. Feels modern.
XChaCha20 encryption. Uses newer encryption algorithm than typical AES.
Password health. Breach monitoring, weak password detection, reuse alerts.
Family plan. 6 accounts at reasonable price.
What’s Not
Not open-source. You’re trusting NordSec’s claims without verification.
VPN company concerns. NordVPN has had security incidents. Some users are cautious.
Pricing changes. NordSec frequently changes pricing and features. Hard to predict costs.
Limited free tier. Paid tier really needed for practical use.
Best For
- Existing NordVPN users
- Those who want EU jurisdiction without self-hosting
- Users prioritizing modern interface
- Families needing shared plan
The Self-Hosting Question
Self-hosting a password manager is serious. Get it wrong and you lose everything.
Bitwarden/Vaultwarden Self-Host
Pros:
- Complete control
- No subscription fees
- Works with official clients
Cons:
- You manage security
- You manage backups
- You manage availability
Requirements: Server, technical knowledge, backup strategy, time.
Who should do it: Organizations with IT resources. Home labbers who understand the responsibility. Nobody who isn’t prepared to maintain it forever.
Local-Only (Enpass, KeePass)
Pros:
- No servers to maintain
- No subscription fees
- Maximum privacy
Cons:
- You handle sync
- Device loss = vault access issues
- No sharing features
Feature Comparison
| Feature | Bitwarden | Proton Pass | Enpass | NordPass |
|---|---|---|---|---|
| TOTP built-in | Premium | Paid | Yes | Premium |
| Email aliases | No | Yes | No | Yes |
| Password sharing | Yes | Limited | Yes | Yes |
| Breach monitoring | Premium | Paid | Yes | Yes |
| Emergency access | Yes | No | No | Yes |
| File attachments | Premium | No | Yes | No |
Migration Difficulty
Switching password managers is easier than you’d think.
From LastPass
All four import LastPass CSV exports cleanly. Export from LastPass, import to new manager, done.
From 1Password
Most support 1Password 1PUX format. Export, import, verify, done.
The Process
- Export from old manager (CSV or native format)
- Import to new manager
- Verify critical accounts work
- Update browser extensions
- Delete export file securely
- Use new manager for 2 weeks
- Delete old manager account
Pricing Breakdown
For individual use, per year:
| Manager | Free | Premium | What Premium Adds |
|---|---|---|---|
| Bitwarden | Unlimited | $10 | TOTP, attachments, reports |
| Proton Pass | Limited | €48 | Unlimited aliases, vault sharing |
| Enpass | Mobile only | $24 (lifetime) | Desktop apps |
| NordPass | Limited | €36 | Breach scanner, sharing |
Bitwarden is cheapest. Enpass wins long-term with lifetime option.
My Recommendation
Choose Bitwarden if:
- Open-source verification matters to you
- You want to self-host
- You want the best free tier
- Budget is a concern
Choose Proton Pass if:
- You already use ProtonMail
- Email aliases are important
- Swiss jurisdiction is a priority
- You want one account for everything
Choose Enpass if:
- You want local-only storage
- One-time purchase appeals to you
- You already use iCloud/Google Drive
- You don’t need sharing features
Choose NordPass if:
- You want EU jurisdiction without technical setup
- You use NordVPN already
- Interface polish matters
- You need family sharing
FAQ
Is Bitwarden really US-based?
Yes, but you can self-host. Or trust that zero-knowledge encryption means they can’t read your data even if forced. The code is open for verification.
What happened to LastPass?
Encrypted vaults were stolen in 2022. With weak master passwords, attackers could potentially decrypt them offline with enough time and computing power.
Should I use browser’s built-in password manager?
For casual use, Chrome/Safari password managers are fine. For security-conscious users, dedicated managers offer better features and cross-platform sync.
What about KeePass?
KeePass is excellent but dated. Fully local, fully open-source, but the UX is from 2003. KeePassXC is a modern fork worth considering.
Try Them
- Bitwarden: bitwarden.com - Free forever
- Proton Pass: proton.me/pass - Free tier available
- Enpass: enpass.io - Free mobile
- NordPass: nordpass.com - Free tier
See also:
- 7 Password Managers That Won’t Sell Your Vault – Honest guide
- EU Alternatives to LastPass
- EU Alternatives to 1Password
- Why EU Software Matters
Last updated: January 2026
Some links may be affiliate links.