PearPass: The Password Manager With No Servers to Hack

Most password managers store your vault on someone else's servers. If those servers go down, you lose access. If they get breached, your data is exposed. PearPass, launched by Tether-backed Holepunch, eliminates that risk entirely by removing servers from the equation.

"Every major breach proves the same point: if your secrets live in the cloud, they're not really yours," said Paolo Ardoino, CEO of Tether and co-founder of Holepunch. "PearPass removes the single point of failure. No servers, no intermediaries, no back doors. Recovery and synchronization across users' devices happens peer-to-peer, with your keys, under your control, without gatekeepers."

PearPass takes a fundamentally different approach: it's fully peer-to-peer. Your passwords live only on your devices, your phone, laptop, tablet. When you need to sync across devices, PearPass creates encrypted peer-to-peer connections directly between them. No intermediary. No cloud. No third party ever touches your data.

"Most password managers are 'cloud-first,'" explains Mathias Buus, CEO of Holepunch. "They store your entire vault of passwords, along with sensitive information like login history and autofill data, on centralized servers you do not control. These servers become prime targets for attackers and a single point of failure for your security."

Unlike decentralized systems that still rely on distributed servers, PearPass is 100% P2P. "All your consumer devices can run and maintain your data, without the need for servers like in federated and centralized systems," Buus says.

The Backup Question

The obvious concern: what happens if you lose all your devices?

PearPass allows you to download a backup and store it wherever you want, a physical drive, a backup device, even the cloud if you choose. The team is also working on a future feature where backups could be distributed across the PearPass network and retrieved through authorization.

Built on Pear Runtime

PearPass runs on Pear Runtime, Holepunch's open-source framework for building peer-to-peer applications. Developers don't need to be P2P experts to build on it. "There are comprehensive guides and simple app examples on docs.pears.com," Buus notes. "No signup, no fees."

The platform already powers Keet, Holepunch's encrypted messenger with over 13,000 people in its news room, all running fully P2P.

How does P2P handle that scale? "P2P scales by default, opposite to the classic client-server model," Buus explains. "The more devices are connected, the easier it is technically to operate. The hardest thing in P2P networks can be getting the initial spark to work, very small networks with only a few peers. As you scale and get more peers, it only grows stronger and more robust."

Why Now?

Holepunch is backed by Tether, which allows the company to focus on building open-source infrastructure without chasing traditional revenue models. "Our economic sustainability doesn't rely on traditional monetization strategies," Buus says. "This liberates us from the immediate need to generate revenue from Pear Runtime and allows us to focus on fostering innovation and supporting the developer community."

Buus offers an analogy for why PearPass matters: "Planes are generally the safest way to travel, but you wouldn't put all the top scientists in the world in the same plane, that's cloud password managers."

With PearPass, there is no plane. As Ardoino puts it: "This is security that can't be switched off, seized, or compromised, because it was never in someone else's hands to begin with."

In a world of increasing cloud breaches and service outages, that might be exactly what password security needs.