Most password apps promise convenience. Password Vault delivers protection — zero-knowledge encryption, local-first storage, and a way to reach any browser securely, even one you don't own.
Every claim below is backed by code you can inspect, not marketing copy.
Every item is encrypted with AES-256-GCM on your device before it ever touches the network. Your master password never leaves your device, and we cannot see your data — ever.
Your master password is hardened with Argon2id, tuned to resist GPU cracking and brute-force attacks — the same class of algorithm trusted across the industry for password-based keys.
Your vault lives in an encrypted SQLCipher database on your own device. The app works fully offline — the cloud is an optional convenience, never a requirement.
Face ID and fingerprint unlock are layered on top of your master password for fast, everyday access — without weakening what protects your vault at rest.
A BIP-39 recovery phrase is generated once at setup. Lose your master password and it's the only way back in — nothing is ever stored that could recover it for you.
Turn on Premium sync and your encrypted vault follows you across devices. The server only ever stores ciphertext — decryption happens locally, on your device, every time.
Need a password on a computer you don't control? Scan a QR code, decrypt entirely in that browser, done. Nothing typed, nothing installed, nothing left behind. See how it works ↓
Group logins into folders that make sense to you — your vault stays organized whether you have a dozen items or a thousand.
Password Vault is part of the Vault Suite, alongside Email Vault and File Vault — one hardened encryption architecture, one account, shared across all three.
The question every password manager eventually has to answer: how do you get a password onto a computer you don't control — a library, a hotel business center, a machine with no admin rights — without ever putting the plaintext at risk?
Open the item on your phone and tap "Send to browser (QR)."
A one-time encrypted QR code appears, expiring in 60 seconds if unused. No server is involved — it's generated and encrypted entirely on your device.
Open the receiver page on any computer with a webcam and scan the code — no install, no browser extension required.
The browser decrypts it locally via WebCrypto and shows you the fields. Copy what you need — it clears from the clipboard automatically after 20 seconds.