keevo
Sign in Get Keevo
Public beta — v0.9.2
Live, verifiable proof 5,138,956

passwords protected today, encrypted on-device before they ever touch our servers.

Keevo is a zero-knowledge password manager. We can't read your vault — and you don't have to take our word for it. Open audit, open clients, open standards.

Get Keevo — free forever See how it works
Encryption XChaCha20-Poly1305
Key derivation Argon2id · 1 GB
Last audit Cure53 · Mar 2026
Sync server EU · self-hostable

Zero-knowledge by default

Your Master Password never leaves your device. Not even our team can decrypt your vault.

Open standards

XChaCha20, Argon2id, ed25519. No homemade crypto. Spec is public on GitHub.

Independently audited

Cure53 reviewed our cryptography in March 2026. Full report linked, signed, dated.

Local-first, sync optional

Use Keevo entirely offline. Sync via our server, your own server, or skip it.

How Keevo works

Your Master Password stays with you.

When you create your account, your Master Password is stretched locally with Argon2id — 1 GB of memory, 4 iterations. The result derives a key that we never see, never store, never log.

Your Secret Key adds entropy nobody else has.

A 128-bit Secret Key is generated on your device at sign-up. It's combined with your Master Password to unlock the vault — even if someone steals our entire database, they still can't brute-force you.

Your vault is encrypted before it ever leaves.

Every credential, note, and key is sealed with XChaCha20-Poly1305 on-device. The ciphertext is what syncs. We see opaque blobs — never plaintext, never structure, never metadata.

Argon2id · key derivation local only
Master Password
correct·horse·battery·staple
argon2id(mem=1GB, t=4, p=2)
Derived key (32 bytes)
b3:91:ae:7c:55:f0:d2:18:6a:9e:43:c1:ff:08:a7:2b:8d:5e:f4:11:c0:6b:32:99:ad:7e:18:42:b5:e1:c3:00
Vault unlock key · HKDF device only
Master-derived key
b3:91:ae:7c:55:f0:d2:18 …
Secret Key (128-bit, generated on device)
A4-9KZ-7FX-2BR-NMC-PLW
↓ HKDF-SHA256 ↓
Vault unlock key
e8:a2:73:91:0d:bc:6f:48:81:ff:c5:73:14:5e:2a:90 …
XChaCha20-Poly1305 · sealed vault encrypted
github.com
7b·a3·91
vietcombank.com.vn
f0·2c·11
openai.com — API key
e1·8b·44
notion.so
9d·45·02
247 items · 4.2 KB sealed ↗ synced
Everywhere you sign in

One vault. Three first-class clients.

The native iOS app, the Manifest V3 Chrome extension, and the web vault are built from the same Rust core. Same threat model, same audit, same crypto.

iOS · 17+

Native iOS app

Vault
Search
github.com
tuan@keevo.dev
openai.com
sk-proj-···7f3a
vietcombank.com.vn
tuanle
+ New item
  • Face ID
  • AutoFill
  • Watch sync
Web · vault.keevo.tuanle.dev

Web vault

vault.keevo.tuanle.dev/items/247
Title
github.com
Username
tuan@keevo.dev
Password
••••••••••••••••
2FA
827 391 · 22s
Note
work account · MFA paired
Copy Edit Share
  • Hardware key
  • Recovery
  • Self-host
Chrome · MV3

Browser extension

Sign in to linear.app?
tuan@keevo.dev
linear.app · 2FA paired
Fill
Decrypted in your browser. View 2 more matches
← all items ● synced 4s ago
  • MV3
  • Phishing-safe
  • No telemetry
What's inside

The boring stuff, done well.

No AI assistants. No analytics. No clever new ideas about cryptography. Just the things a password manager has to do — and the receipts to prove they happen on your device.

Vault

Logins, secure notes, API keys, credit cards, identities. Tagged, searched, sorted — all client-side.

Vault details

Generator

True random passwords, passphrases, or PINs. CSPRNG-backed, configurable wordlist, never sent to any server.

See generator

AutoFill

iOS AutoFill, Chrome content-script fill, hardware-key TOTP, phishing-domain checks before any keystroke is matched.

AutoFill details

Sync

End-to-end encrypted sync across devices. Self-host the relay if you want — the protocol is documented.

Sync internals

Recovery Kit

A printable PDF holding your Secret Key + recovery instructions. The only way back in if you forget your Master Password.

Recovery model

Sharing

One-time encrypted links for guests. Persistent shares for teammates with a public-key handshake. No third party reads anything.

Share model
Honest pricing

Free for individuals. Always.

The Free plan covers everything one person needs across every device. Pro adds family sharing, hardware-key recovery, and priority support.

Free

Forever, every device, no upsell.

$0/ forever
  • Unlimited items, unlimited devices
  • Sync across iOS, Chrome, Web
  • Generator + AutoFill + 2FA
  • Self-hosted sync option
Download — free
Pro

Pro

For households and teams up to 6.

$3/ month, billed yearly
  • Everything in Free
  • Family sharing — 6 members, shared vaults
  • Hardware-key recovery (YubiKey, SoloKey)
  • Breach scanning + dark-web alerts
  • Priority support, 24h response
Try Pro free for 30 days
Compare every feature
Switching from somewhere else?

See how Keevo stacks up against 1Password, Bitwarden, and LastPass.

Encryption, audit history, recovery model, sharing, pricing — side by side, no marketing fluff.

Compare side-by-side
Common questions

Things people actually ask.

If you lose both your Master Password and your Recovery Kit, your vault is unrecoverable. By design — that's the point of zero-knowledge. Pro plan adds hardware-key recovery as a backup factor.
iCloud Keychain is excellent on Apple devices but locked to Apple. Keevo works the same way on iOS, Chrome (any OS), and the web vault. Plus secure notes, API keys, sharing, and audit trails Keychain doesn't offer.
The cryptography core (Rust) and the iOS / Chrome / Web clients are open source under MPL-2.0. The sync server is open under AGPL-3.0 so you can self-host. The repos are at github.com/keevo.
Sync data lives encrypted in Frankfurt (Hetzner). You can pin a region, or run your own relay — the sync protocol is documented and the server is open source.
They can compel us to hand over what we have — which is encrypted ciphertext we cannot decrypt. We publish a transparency report quarterly and a warrant canary at status.keevo.tuanle.dev.
Yes. The vault lives on your device. Sync is opportunistic — when you have a connection it pushes ciphertext deltas. Read, edit, and unlock all work offline.
Read the full FAQ
Ready when you are

Your old passwords are still floating around. Move them somewhere safer.

Import from 1Password, Bitwarden, LastPass, Chrome, or a CSV in under 60 seconds.

Get Keevo Read security model