Vault Password Manager
Offline-first security for people who would rather trust themselves than breached clouds.
Welcome to the official project site for Vault, an Android password manager that keeps every secret on your device. Cloud-hosted password services are attractive targets and history shows that even the biggest providers can be compromised. Vault exists for makers, security professionals, and privacy-minded users who prefer to own the full lifecycle of their credentials.
Why Vault exists
The problem we are solving
- Cloud password stores concentrate everyone’s keys in one place. A single breach or misconfiguration can leak millions of passwords.
- Vendors may log, analyze, or mine usage data. Even if encrypted at rest, metadata and recovery workflows can be abused.
- Outages and geo-blocking can lock you out of your own accounts.
Our approach
- No cloud, ever. Vault never requests the
INTERNET permission. Secrets only live on the device and in the backups you create.
- User-owned security. You control keystores, release builds, and distribution. There is no vendor trust gap.
- Modern cryptography. Argon2id, AES-GCM, hardware-backed Android Keystore, and biometric unlock work together to protect data.
Site navigation
| Section |
What you will find |
| Features |
A tour of every capability Vault ships with today. |
| User Expectations |
Your responsibilities for staying safe. |
| User Manual |
Step-by-step walkthroughs of common tasks with annotated diagrams. |
What users are expected to do
Using Vault means you are part of the security equation. Follow this checklist to stay safe:
- Protect your device. Keep Android updated, lock with biometric or strong passcode, and avoid running on rooted devices.
- Choose a strong master passphrase. Vault strengthens it with Argon2id, but entropy starts with you.
- Back up regularly. Use the in-app backup flow to export encrypted copies to at least two locations you control.
- Guard the keystore. When you build releases yourself, store signing keys and passwords offline in a password manager.
- Verify builds. Prefer reproducible builds through the provided GitHub Action. Validate checksums before installing.
- Stay vigilant. Monitor release notes, changelog, and security advisories for updates.
📘 Need guidance? The User Manual shows how to complete each task safely.
Ready to dive in?
- Browse the feature tour.
- Clone the GitHub repository and follow the in-repo
README.md for build instructions.
- Join discussions through issues or pull requests—contributions are welcome.
Enable this site on GitHub Pages
This site is automatically deployed via GitHub Actions. To enable it:
- In the repository settings, open Pages.
- Under Build and deployment, choose GitHub Actions as the source.
- The site will be published at
https://<owner>.github.io/vault/.
The deployment workflow (.github/workflows/pages.yml) builds from the docs/website folder and triggers automatically on every push to develop.