Open-source password manager

Secure Vault

Local password and credential manager with TOTP, AES-256 encryption, import/export, audit, and auto-lock.

Download Source code

Secure Vault

Manage passwords locally, without cloud lock-in

Password management

Credentials with URL, categories, notes, tags, search, quick copy, and advanced filters.

TOTP per RFC 6238

Built-in two-factor authenticator with 6- or 8-digit codes, 30- or 60-second intervals, QR-code scanning, and live countdowns.

Fully local encryption

AES-256-CBC, PBKDF2 with SHA-512 at 100,000 iterations, and a bcrypt-hashed master password. No cloud sync; all data stays on the device.

Audit and strength analysis

Strength scoring via zxcvbn, detection of weak and reused passwords, and entries older than six months.

Import, export, and backup

Import from LastPass (CSV), Bitwarden (JSON), KeePass (CSV), Chrome (CSV), Firefox (JSON), WinAuth (TXT/TOTP), generic JSON, and CSV. Encrypted .svault backups with gzip compression and AES-256.

Session safety

Auto-lock between 5 and 60 minutes, standby lock, clipboard cleanup between 10 seconds and 2 minutes, and hotkeys Ctrl+Shift+V (quick access) and Ctrl+Shift+L (lock).

Technical specs

Concrete values instead of marketing words.

Secure Vault encrypts everything locally. These are the algorithms, standards, and intervals the tool uses.

Cryptography

  • AES-256-CBC for vault data
  • PBKDF2 with SHA-512, 100,000 iterations
  • bcrypt for the master password
  • Unique salt per vault

TOTP per RFC 6238

  • 6- or 8-digit codes
  • 30- or 60-second intervals
  • QR-code scanning from the screen
  • Live countdown per entry

Session and hotkeys

  • Auto-lock 5 to 60 minutes
  • Clipboard cleanup 10 seconds to 2 minutes
  • Ctrl+Shift+V for quick access
  • Ctrl+Shift+L to lock

Audit and analysis

  • Strength scoring via zxcvbn
  • Detection of weak and reused passwords
  • Flags entries older than 6 months
  • Clear reports with next steps

Import

  • LastPass (CSV)
  • Bitwarden (JSON)
  • KeePass (CSV)
  • Chrome (CSV) and Firefox (JSON)
  • WinAuth (TXT with TOTP secrets)
  • Generic JSON and CSV

Export and backup

  • Encrypted .svault backup (gzip + AES-256)
  • Generic JSON or CSV
  • LastPass-CSV-compatible export
  • Bitwarden-JSON-compatible export