Feature
Keptex
Cloud managers
The most secure password manager. Zero vaults. Zero tracking.
All credentials are generated on the fly, powered by your key, not their cloud.
Web
Windows (coming soon)
macOS (coming soon)
Terminal (coming soon)
iPhone (coming soon)
Android (coming soon)
Extension (coming soon)
Zero storage
Your passwords are never stored anywhere.
Zero knowledge
Complete privacy with zero-knowledge architecture.
Accountless
No account needed, just connect and go.
Decentralised
Powered by your key, not their cloud.
While others store your secrets, we eliminate them.
Our approach redefines password security from the ground up.
Zero storage, zero risk
Traditional password managers create honeypots for hackers. We generate everything on demand, leaving nothing to steal or breach.
Your key, your control
Your cryptographic key is the only source of truth, giving you total sovereignty with ease.
True privacy by design
No accounts, no tracking, no data collection. Your identity stays completely private.
Source-available
Transparent algorithms, auditable code. No black boxes, no hidden backdoors, no trust required.
No vendor lock-in
Your key works everywhere. Switch devices, platforms, or implementations without losing access.
Community first
Every feature shaped by user feedback. We listen, iterate, and build exactly what you need.
Less surface. Less trust. Same passkeys.
Cloud managers (1Password, Bitwarden, Dashlane) store the credentials. We don’t. Every byte we don’t store is one we can’t lose, leak, or be subpoenaed for.
Master password to memorise
Optional
Yes
Cloud vault sync
None
Required
Recover from seed phrase
Yes
No
Source-available algorithm
Source-available
Proprietary
Server can leak your data
No server
Yes
WebAuthn passkey support
Yes (Ed25519 + ES256)
Yes
Three steps. One signature. Every credential.
The user-facing flow takes seconds. The cryptographic guarantee comes from the algorithm, HMAC-SHA-256 over a deterministic challenge, then HKDF-like derivation for each (site, account, counter) tuple.
You connect a wallet.
Freighter, MetaMask, Phantom, or generate a fresh Keptex-native wallet (Stellar + EVM + Solana from one seed, hardware-backed by default).
Keptex signs once.
A deterministic challenge. The wallet produces a 64-byte signature. From that, we derive a userKey, the seed of every credential you will ever create.
Credentials appear on demand.
Need a password for github.com? We derive it. A passkey for your bank? We derive it. Nothing stored, nothing synced. The wallet IS the interface.
Your wallet, your identity,
your credentials.
Source-available, public algorithm, launching on Chrome first. Mobile and desktop apps in the works.