Your Passwords, Your Device Only.
Password Vault is a free, installable web app that encrypts your credentials with AES-256-GCM and stores them locally. Optionally back up to your own Google Drive — encrypted before upload. No account. Just security.
Open /vault in your browser to install as an app.
iOS: Open /vault → Share → Add to Home Screen
Three steps to complete security
No registration, no email, no phone number. Just open the app and set your PIN.
Create a 6-digit PIN
Your PIN derives a 256-bit encryption key through 600,000 rounds of PBKDF2. This key wraps a random master key.
Save your recovery key
A 32-character recovery key is generated once. Write it down — it's your only way back if you forget your PIN.
Add credentials
Each credential is encrypted individually with AES-256-GCM and stored in your browser's IndexedDB. That's it.
Security, Not Marketing
We don't just say it's secure — here's exactly how every layer of protection works.
AES-256-GCM Encryption
Military-grade encryption. Every credential is individually encrypted with a unique IV. Even if someone accesses your device, they can't read your passwords without your PIN.
Zero-Knowledge Architecture
Your data never leaves your device. No server, no cloud, no account. We literally cannot see your passwords — the encryption key exists only in your browser's memory.
90-Day Rotation Reminders
Password Vault tracks password age and alerts you when credentials are older than 90 days. One-click password regeneration with our built-in cryptographic generator.
PBKDF2 Key Derivation
Your PIN goes through 600,000 rounds of PBKDF2 before deriving the encryption key. This makes brute-force attacks computationally infeasible — even with specialized hardware.
Auto-Lock Protection
Vault automatically locks after 5 minutes of inactivity or 30 seconds when you switch tabs. The encryption key is wiped from memory — not just hidden, actually deleted.
Recovery Key System
During setup, you receive a 32-character recovery key. If you forget your PIN, this key can decrypt your vault and let you set a new one. Keep it safe — it's your only backup.
Google Drive Cloud Backup
Optionally back up your encrypted vault to your own Google Drive. Your data is encrypted before it ever leaves your device — Google only sees an encrypted blob. You stay in full control.
Encrypted backup to your Google Drive
Worried about losing your vault if you clear browser data? Connect your Google Drive and back up your encrypted vault with one click. Your data is encrypted with AES-256-GCM before upload — Google never sees your passwords.
Cloud Backup
Google Drive
Your vault is encrypted before upload
Under the Hood
Complete transparency on our encryption architecture
// Key Derivation
PIN → PBKDF2(SHA-256, 600,000 iterations, random salt) → 256-bit wrapping key
// Master Key
crypto.subtle.generateKey("AES-GCM", 256) → random master key
Master key wrapped with PIN-derived key via AES-KW
// Per-Credential Encryption
credential → JSON → AES-256-GCM(master key, random 12-byte IV) → ciphertext
// Recovery
Recovery key (32 chars) → PBKDF2(separate salt) → unwraps same master key
// Storage
IndexedDB (browser-local) → encrypted blobs only → no server calls
// Cloud Backup
Vault snapshot → AES-256-GCM encrypted → base64 JSON → Google Drive appDataFolder (hidden, app-only)
Why trust Password Vault?
Ready to take control of your passwords?
Free forever. No ads. No tracking. No server. Just you and your encrypted vault.
Works in Chrome, Edge, Firefox, Safari · Install as a standalone app