For people who refuse to compromise on privacy
A local-first password manager with military-grade encryption. Your data stays on your device. No cloud. No compromises.
I have always been the person who refuses to drop bank logins, card numbers, or family credentials into some random cloud. I trust my laptop more than I trust third-party servers, yet I also know that storing passwords in plain text is asking for trouble.
Around the same time I wanted to learn Electron and dive deep into modern encryption. SecureVault is the result of that itch: a local-first password manager that I initially wrote for myself and now want to share with anyone who is equally security-conscious.
It runs on your desktop, keeps everything encrypted at rest, and still has room to grow into a family-friendly sharing hub.
Battle-tested cryptography that keeps your secrets safe
Turns your master password into a 256-bit key while chewing through memory and CPU cycles, making brute-forcing painfully slow for attackers.
A battle-tested cipher that provides both confidentiality and tamper detection. The same encryption trusted by governments and financial institutions worldwide.
// Argon2id Key Derivation
const salt = crypto.getRandomValues(
new Uint8Array(16)
);
const key = await argon2.hash({
password: masterPassword,
salt: salt,
parallelism: 4,
iterations: 3,
memorySize: 65536, // 64 MB
hashLength: 32, // 256 bits
outputType: 'encoded'
});
// AES-256-GCM Encryption
const iv = crypto.getRandomValues(
new Uint8Array(12)
);
const encrypted = await crypto.subtle.encrypt(
{
name: 'AES-GCM',
iv: iv,
tagLength: 128
},
key,
data
);The heart of SecureVault's encryption flow
Every vault lives on disk as an encrypted JSON blob located inside Electron'sapp.getPath("userData"), which is your user-specific application folder.
On first run, SecureVault creates the directory, stores an encryptedvault.json, and keeps re-using it whenever you unlock the app.
Because everything is local, you don't have to rely on any vendor. Want to back it up manually onto a USB drive? Go for it. Prefer to keep it within your home network-attached storage? That's exactly what I'm optimizing for.
Logins with usernames and passwords
Credit cards with full details
Bank accounts and financial information
Secure notes for sensitive documents
A gentle peek at the roadmap
I know that living on more than one device is the norm, so I've been working on a sync story that still keeps you in control. Today there's a lightweight API that only ever handles encrypted blobs, never plaintext vaults.
Encrypted blobs only
Server stays blind
Timestamps only
For people who want to integrate with their own infrastructure, I'm experimenting with optional connectors such as a Google Drive module that stores only encrypted files inside a folder you own.
The same pattern will work with self-hosted storage or a private cloud share, so you can sync without surrendering ownership. A trial build with these sync hooks is already available.
Main Vault
Personal credentials
Family Vault
Shared with 4 members
Work Vault
Professional accounts
SecureVault already supports multiple entry types that cover day-to-day life, and the licensing layer outlines how family sharing will evolve.
Dedicated Shared Vaults
Separate vaults for personal and family credentials
Automatic Sync
Keep family vaults synchronized across devices
Up to 5 Family Members
Share with your partner, kids, or parents
My goal is to let you choose which logins stay personal and which ones you can hand off to your partner, kids, or parents without emailing passwords around.
SecureVault may have started as my learning project, but it has grown into a tool I trust daily. It's private, auditable, and built with battle-proven cryptography.
If you crave the peace of mind of keeping credentials on your own machines while still enjoying modern conveniences like strong password generation and future-ready sync, give it a spin.
I'm sharing it with the community because I believe more people deserve that blend of control and security.
Have questions about SecureVault? We're here to help.