What sets it apart
Zero-knowledge: AES-256-GCM with Argon2id — the platform never sees plaintext, ever
Vault Health dashboard: continuous scoring of weak, reused, aging, and breached credentials
Scoped sharing with time-limited grants and one-click revocation
Break-glass emergency access via trusted contacts — no master override key
Key Capabilities
Zero-knowledge Encryption
AES-256-GCM with Argon2id key derivation. Encrypted on device — the platform cannot access your secrets even if compromised.
Vault Health
Continuous security posture: weak, reused, aging, and breached credential detection with actionable remediation.
Scoped Sharing
Item or collection sharing with view/use/edit permissions, time-limited grants, and one-click revocation.
Emergency Access
Cryptographic break-glass via trusted contacts with configurable waiting periods — no master override weakens the encryption.
Hardened Auth
Passkeys, FIDO2, TOTP, biometrics, and hardware keys. Session inventory with per-device revocation.
Governance & Billing
Plan entitlements, usage metering, seat tracking, and invoice history — the operating dashboard for the security programme.
Who it’s for
One vault for every credential type — answer 'who has access to what' in seconds, not weeks of spreadsheet auditing.
SSH CA, dynamic credentials, Kubernetes injection, and developer CLI — no more .env files in repos.
Company-wide credential management with health scoring, breach monitoring, and hardened multi-factor authentication.
Perpetual Licence
OwnVault is available as a perpetual licence. You own the software forever. Deploy on your infrastructure. No annual renewals, no per-seat pricing, no vendor lock-in.