Agencies juggle dozens of client logins — Figma seats, ad accounts, CMS admins, analytics. LitePassword gives you one vault per client and revokes cleanly when projects end.
That's exactly the size LitePassword is shaped around. Same zero-knowledge encryption, same three roles, but priced for agencies — not enterprise. The Business plan covers you, and you can start on Free today.
Try free →That's exactly the size LitePassword is shaped around. Same zero-knowledge encryption, same three roles, but priced for agencies — not enterprise. The Business plan covers you, and you can start on Free today.
Try free →A typical 6-person agency has 8-12 active clients. Each client has 4-6 logins they’ve handed off — Figma seat, ad accounts, CMS admin, analytics, maybe a shared inbox. That’s 32-72 shared credentials across the agency, with a different security posture per founder’s habits.
The mess shows up at offboarding. A designer leaves Tuesday. Through the next month you discover three places they still had access to.
LitePassword is built to remove that mess by structure, not discipline.
Internal
├── Figma agency seat
├── Brex card
├── Slack admin
└── Linear workspace
Client — Acme
├── Webflow admin
├── Google Ads
├── GA4
└── Mailchimp
Client — Lemon.io
├── Figma client seat
├── Meta Business
└── Klaviyo
…one shared vault per client.When you onboard a new client, you create one vault, drop in their logins, and grant access to the 2-3 team members on that account. When the engagement ends, you remove access — the vault stays for reference, but only Admins can still open it.
The thing that makes this clean is per-vault access, layered on top of role. A Manager-level designer can be granted access to Acme’s vault but not Lemon’s. When they’re rotated off Acme, you revoke that one vault and they keep Lemon access. No need to bump them down to View only or invent a new role.
A two-week contractor needs Figma + GA4 for one client. The right setup:
If you accidentally invite as Manager and grant them on the wrong vault, downgrading their role doesn’t retroactively lock them out of vaults they already opened. The revoke (and key rotation) is what actually closes the door. The full pattern is documented in How to revoke shared password access when someone leaves.
LitePassword Business: $60/mo (6 × $10). Annual: $540/yr.
That’s roughly the same as 1Password Teams ($19.95 + $7.99 × 6 = $67.94/mo) or Dashlane Business ($8 × 6 = $48/mo). The differentiator isn’t price at this size — it’s the role model. Three roles + per-vault access is closer to how agencies actually organize than 1Password’s “groups + collections + custom permissions” matrix.
No credit card. Free for one user. Upgrade only when you bump into the limits.
Make one shared vault per client (named after the client). Inside the vault, group secrets by tool: "Webflow", "GA4", "Meta Ads". Use the View only role for contractors who only need to read, Manager for full team members. Revoke at end of engagement and vault keys rotate automatically.
Keep them in a separate "Internal" vault. Internal credentials (Figma agency seat, internal Slack, Brex card) should not mix with client vaults. Otherwise an end-of-engagement revoke pulls the wrong access.
Users page → Revoke Access on their row. Every vault they had access to rotates its encryption key automatically. Cached copies on their device become undecryptable. Do this within 24 hours of departure.
You can show them the member list of their dedicated vault. Per-user activity logging is on the roadmap for Business customers.
Usually yes. Business covers up to 12 users for $10/mo flat. Most boutique agencies fit. If you have 13+ people, the product is not sized for you — look at 1Password Teams.
Invite by email as View only. Open Manage Vault Access on their row, toggle on the client vault they need. They sign in, set their master password, get a recovery key. At day 14 you revoke. Total admin time: under 5 minutes.
Create your account in under a minute. Pick a master password. We'll generate your recovery key for you.