SealedKeys
Zero-knowledge password and secrets manager built for technical teams.

SealedKeys is a zero-knowledge password and secrets manager designed for technical teams to store passwords, API keys, SSH keys, and other credentials. All secrets are encrypted client-side with AES-256-GCM before leaving the user's device, meaning the server never sees plaintext. It supports SAML 2.0 SSO with Okta, Entra ID, and Google Workspace, along with role-based access control and a full audit trail.
Secrets are encrypted client-side in the browser using AES-256-GCM with a PBKDF2-derived vault key before being stored on EU servers, ensuring the server never holds plaintext data.
Technical teams, developer teams, startups, agencies, and enterprise IT departments
Background.
- Status
- launched
- Business model
- freemium
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.