Your Passwords, Protected by Real Security

Most password apps promise convenience. Password Vault delivers protection — zero-knowledge encryption, local-first storage, and a way to reach any browser securely, even one you don't own.

Try Secure Transfer →

Strength and Security, Built In

Every claim below is backed by code you can inspect, not marketing copy.

🔐

Zero-Knowledge Encryption

Every item is encrypted with AES-256-GCM on your device before it ever touches the network. Your master password never leaves your device, and we cannot see your data — ever.

🧠

Argon2id Key Derivation

Your master password is hardened with Argon2id, tuned to resist GPU cracking and brute-force attacks — the same class of algorithm trusted across the industry for password-based keys.

📴

Local-First by Design

Your vault lives in an encrypted SQLCipher database on your own device. The app works fully offline — the cloud is an optional convenience, never a requirement.

👆

Biometric Unlock

Face ID and fingerprint unlock are layered on top of your master password for fast, everyday access — without weakening what protects your vault at rest.

🔑

12-Word Recovery Code

A BIP-39 recovery phrase is generated once at setup. Lose your master password and it's the only way back in — nothing is ever stored that could recover it for you.

☁️

Optional Zero-Knowledge Sync

Turn on Premium sync and your encrypted vault follows you across devices. The server only ever stores ciphertext — decryption happens locally, on your device, every time.

📱

Secure Transfer to Any Browser

Need a password on a computer you don't control? Scan a QR code, decrypt entirely in that browser, done. Nothing typed, nothing installed, nothing left behind. See how it works ↓

📁

Folder Organization

Group logins into folders that make sense to you — your vault stays organized whether you have a dozen items or a thousand.

🧩

One Security Model, Three Vaults

Password Vault is part of the Vault Suite, alongside Email Vault and File Vault — one hardened encryption architecture, one account, shared across all three.

Public-computer safe

Secure Transfer, Explained

The question every password manager eventually has to answer: how do you get a password onto a computer you don't control — a library, a hotel business center, a machine with no admin rights — without ever putting the plaintext at risk?

1

Open the item on your phone and tap "Send to browser (QR)."

2

A one-time encrypted QR code appears, expiring in 60 seconds if unused. No server is involved — it's generated and encrypted entirely on your device.

3

Open the receiver page on any computer with a webcam and scan the code — no install, no browser extension required.

4

The browser decrypts it locally via WebCrypto and shows you the fields. Copy what you need — it clears from the clipboard automatically after 20 seconds.

Open the Secure Transfer Receiver →
Coming soon: a browser extension for instant, install-once autofill on your own personal computer — Secure Transfer will remain the go-to for every computer you don't own.

Privacy, Not a Promise — an Architecture