AegisVault combines AES-256-GCM encryption with Argon2id key derivation to deliver cryptographically verified protection for every credential you own. No cloud. No compromise.
Purpose-built modules that work in concert to protect, generate, analyze and manage every credential in your digital life.
AES-256-GCM (NIST SP 800-38D) with Argon2id key derivation (RFC 9106). Your master password is never stored — only used to derive the encryption key.
Generate pronounceable, memorable passwords with configurable syllable patterns. Security without sacrificing recall.
Cryptographically secure random password generation with live preview. Entropy you can see before you commit.
Diceware-style passphrase creation from curated wordlists. High entropy, human memory, zero compromise.
Real-time strength scoring, breach detection simulation, and similarity analysis to eliminate weak patterns across your vault.
Schedule automatic password rotation with policy enforcement. Stay ahead of credential aging threats without manual effort.
AegisVault's interface is designed for clarity and speed — 11 specialized modules, one unified workspace.
From batch operations to dashboard analytics, AegisVault gives you total command over your security posture.
Every layer of AegisVault's security stack has been chosen for proven resistance to modern attack vectors — from brute force to quantum-adjacent threats.
A unified suite of tightly integrated modules for every dimension of password security and management.
The encrypted heart of AegisVault. Store, search, and manage all credentials with cryptographic-grade security. Supports templates, tags, custom fields, and advanced filtering across thousands of entries.
Pronounceable password generation with customizable syllable structures, phoneme rules, and live preview.
True cryptographic randomness with full character set control and real-time entropy visualization.
Diceware wordlist generation with custom separators and capitalization rules for high-entropy phrases.
Bulk import, export, and transformation of credential sets with full auditing capabilities.
Strength scoring, duplicate detection, and similarity analysis across your entire vault.
Live security health scoring with actionable recommendations and trend analysis.
Complete event timeline with full audit trails for every credential in the vault.
Encrypted vault export and restoration for disaster recovery and portability.
Granular policy configuration, theme control, and vault behavior customization.
Polished interface layer with toast notifications, keyboard shortcuts, and accessibility features.
AegisVault is currently in Beta. Your feedback directly influences what gets built for V1. This takes 2 minutes — and it matters.
Anonymous by default. Your email is only stored if you provide it. Zero telemetry.
Get AegisVault running in minutes. No installation required — portable executable for Windows 10/11.
Run AegisVault locally with zero cloud dependency. Designed for isolated networks and critical environments. Your data never leaves your machine.
Beta is provided as a portable .exe. A Windows SmartScreen warning may appear on first launch — this is expected for unsigned executables.
Generate a signed trial license for AegisVault, bound to your Machine ID and valid for 30 days. No cloud activation required.
ⓘ Find your Machine ID in AegisVault: Menu → System Information
Check your inbox — you'll receive your personalized .lic file within a few minutes, bound to your Machine ID.
Cloud-based managers trade security for convenience. AegisVault makes no such trade.
| Feature | AegisVault | 1Password | Bitwarden | LastPass |
|---|---|---|---|---|
| Storage & Privacy | ||||
| 100% local vault (no cloud) | ✓ | ✗ | Partial | ✗ |
| Works offline — no internet required | ✓ | Cached | Cached | ✗ |
| Zero telemetry — no analytics | ✓ | ✗ | ✗ | ✗ |
| No account or registration required | ✓ | ✗ | ✗ | ✗ |
| Open to data breach risk | None | Yes | Yes | Breached 2022 |
| Cryptography | ||||
| AES-256-GCM authenticated encryption | ✓ | ✓ | ✓ | ✓ |
| Argon2id key derivation (RFC 9106) | ✓ | ✗ | ✓ | ✗ |
| Ed25519 license signatures | ✓ | N/A | N/A | N/A |
| Features | ||||
| Coherent (pronounceable) password generator | ✓ | ✗ | ✗ | ✗ |
| Similarity analysis across vault | ✓ | ✗ | Basic | Basic |
| Encrypted local backups | ✓ | ✗ | Export only | ✗ |
| Perpetual license (no subscription) | ✓ | ✗ | Freemium | ✗ |
| Pricing | ||||
| Free tier | Full app free | ✗ | Limited | Very limited |
| Paid plan | €75 one-time | $36/yr | $10/yr | $36/yr |
Jérémy Dufaure is an audiovisual and telecom engineer with hands-on experience deploying and securing critical infrastructure on four continents. He has worked on private mobile networks, broadcast systems, and mission-critical environments where a single credential failure has direct operational consequences.
AegisVault was not built during office hours. It was designed and coded entirely outside of work — on weekends, late nights, and sacrificed personal time — driven by a simple observation: no existing password manager was trustworthy enough for use on isolated, high-stakes networks.
Jérémy brings a rare combination: deep technical discipline in audiovisual and telecom engineering, relentless curiosity across every technology domain, and the instinct of an innovator who builds what the market hasn't delivered yet. His passion remains firmly in audiovisual and private mobile networks — fields where he envisions leading as a Technical Director or Director of Innovation.
Get AegisVault running in minutes. No installation required — portable executable for Windows 10/11.
Run AegisVault locally with zero cloud dependency. Designed for isolated networks and critical environments. Your data never leaves your machine.
Beta is provided as a portable .exe. A Windows SmartScreen warning may appear on first launch — this is expected for unsigned executables.
Generate a signed trial license for AegisVault, bound to your Machine ID and valid for 30 days. No cloud activation required.
ⓘ Find your Machine ID in AegisVault: Menu → System Information
Check your inbox — you'll receive your .lic file within minutes, bound to your Machine ID.
AegisVault Beta gives you 30 days to evaluate the full product. No cloud. No subscription. When V1 launches, you buy once and it's yours for life.
30-day evaluation period — not free forever.
Download the Beta and access every feature for 30 days. No credit card. No cloud account. Just the full product, locally, on your machine.
Machine-locked trial · 30 days · no renewal
Buy once. Own it forever. AegisVault V1 is the first commercial release — perpetual license, no subscription, no renewal fee. Scheduled for Q3/Q4 2026.
Get notified → use the survey below
For teams and organizations operating in air-gapped, regulated, or critical infrastructure environments.
Starting from AegisVault V30 — five versions of deliberate, offline-first innovation. No cloud, ever.
Everything you need to know about AegisVault's security model and how it protects you.
Never. AegisVault is 100% local. Your vault file never leaves your machine. There is no telemetry, no analytics, no cloud of any kind. This is a core design principle, not a feature — and it will never change.
There is no recovery option — by design. Your master password is never stored; it derives the encryption key via Argon2id. Only you can access your vault. Store your master password in a secure physical location as a backup.
You request a license by providing your Machine ID. A cryptographically signed .lic file is generated and sent to your email. It is bound to your Machine ID and valid for 30 days. It cannot be transferred or reused on another machine.
AES-256-GCM authenticated encryption for vault data, with Argon2id key derivation (memory-hard, GPU/ASIC-resistant) for the master password. Licenses are signed with Ed25519. This stack is considered best-practice for local secret storage.
No. AegisVault runs entirely offline once activated. An internet connection is only needed for the initial license activation. After that, it works indefinitely with no network access whatsoever.
The Beta is distributed as an unsigned portable .exe to avoid code-signing costs during development. Click "More info" → "Run anyway" to proceed. Code signing is planned for the stable release.
Download AegisVault Beta and experience what real password security looks like. Free to start. Impossible to compromise.
Τά μωστήριά σου ὑπό σοφῆ προστασία.
Your secrets are under intelligent protection.