Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Consento is an open-source, free, decentralized passwordless shared access control system, positioned as a Human-Factor Authentication Hub for organizations. It protects data with encryption keys, then splits those keys into multiple unique parts and distributes them to trusted people or devices. Data can only be unlocked after the relevant keyholders give their “consent.” Rather than being a traditional cloud identity platform, its goal is to reduce password misuse, lost keys, and single-person failure through interpersonal trust, device possession, and shared responsibility.
In terms of protection, Consento covers passwordless MFA, key management, confidential data access control, and private data storage. Its deployment model emphasizes being cloud-free and having no central server: data is not handed over to Consento and is not centrally stored on a server. Instead, it is replicated across user-owned devices, with the option to let trusted people keep backups. Technically, it mentions Shamir’s Secret Sharing, encryption, DAT/distributed technologies, and hybrid logical clocks for synchronization and audit logging. For management and alerts, the documentation says the system notifies users when action is required to maintain security, but it does not provide details on alert channels, policy configuration, or an enterprise admin console. For integrations, the project is open source and claims the Consento-System can be used for password managers, web services, smartlocks, scheduling, and more, with planned support for crypto wallets and existing devices/online services.
Pricing information is limited. The main text clearly states that Consento is open and free, 100% FOSS, and can be supported via Open Collective. The team can also provide setup and training services on request, but no pricing is disclosed. For compliance certifications, the only wording found is “Out of the box certified,” without listing ISO, SOC 2, GDPR evidence, or healthcare compliance certifications. As a result, it should not be treated as having clearly documented certifications.
The advantages are its privacy-friendly architecture, lack of reliance on a centralized cloud service, and reduced centralized attack surface. Key splitting and multi-person consent can also mitigate the risk of “one person losing or misusing a key causing a global failure.” Its code and design are open source, making it suitable for security team audits. The limitations are that the project’s maturity and commercial information remain unclear, and details are missing around enterprise SLAs, permission governance, audit reports, directory integration, and mobile device management. Collaborative multi-party unlocking may also add process complexity and training costs.
Consento is better suited to SMEs, remote teams, healthcare data hosting scenarios, software escrow key management, and users protecting crypto wallet private keys, especially those who value privacy, self-hosting, and open-source auditability. Access from China, payment options, and local support are not described in the main text, so they should be considered unknown. If local compliance, Chinese-language support, or stable procurement is required, it may be worth comparing it with Bitwarden, 1Password, KeePass, YubiKey, Duo, Okta, HashiCorp Vault, as well as domestic zero-trust and identity authentication vendors.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on consento.org official site.
consento.org is an Unknown Security provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach consento.org directly.