Everything you need to know about SecureVault. Can't find what you're looking for? Contact us.
SecureVault is a free, open-source password manager built by Nafij Rahaman. It uses AES-256 encryption with zero-knowledge architecture to securely store passwords, documents, security keys, and 2FA codes. It features a Chrome browser extension for seamless auto-fill across all websites.
Yes! The free plan includes unlimited passwords, 100MB file storage, built-in TOTP 2FA authenticator, browser extension, password sharing, and security dashboard. Premium plans starting at just $0.10/month (৳10 BDT) provide additional storage and priority support.
SecureVault was built by Nafij Rahaman, a Professional Full Stack Developer from Bangladesh. He specializes in React, Next.js, Node.js, Python, and Flask. Learn more at nafij.me or visit the Portfolio page.
Yes! SecureVault is fully open source. You can view, audit, and contribute to the source code on GitHub. Transparency is a core principle of our security approach.
SecureVault uses AES-256 encryption — the same standard used by governments and military organizations. Your master password is processed through PBKDF2 with 100,000+ iterations to create an encryption key. Data is encrypted before being stored, meaning even server administrators cannot access your information.
Zero-knowledge means only you can access your data. Your master password never leaves your device — it's used locally to derive the encryption key. SecureVault's servers only store encrypted blobs that are useless without your password. Even in a data breach, attackers get nothing meaningful.
No. SecureVault has never been breached. And even if servers were compromised, the zero-knowledge architecture ensures your encrypted data remains completely inaccessible without your master password. We also implement rate limiting, IP-based protection, and TOTP 2FA.
Navigate to your Security Dashboard after logging in, click "Enable 2FA", scan the QR code with any TOTP authenticator app (or SecureVault's built-in one), and enter the verification code. We recommend enabling 2FA immediately after creating your account.
Yes! SecureVault offers a Chrome browser extension (v1.4.0) with:
Yes! SecureVault supports secure password sharing. You can generate shareable links with optional expiration times and view limits. Shared data remains encrypted and links can be revoked at any time from your dashboard.
Yes! SecureVault includes a secure file manager and document storage. Free users get 100MB of encrypted storage. You can upload sensitive files like IDs, certificates, and private keys — all protected with AES-256 encryption.
Due to zero-knowledge architecture, we cannot recover your master password. However, SecureVault provides emergency recovery options:
Always save your recovery key in a safe physical location.
SecureVault supports importing from CSV files exported by Chrome, Firefox, LastPass, 1Password, Bitwarden, and other managers:
Visit the Plans page to compare options. Upgrade through the Payment page — we accept bKash, Nagad, and other local payment methods. Premium starts at just $0.10/month (৳10 BDT).
SecureVault is built with:
Yes! Since SecureVault is open source, you can self-host it. Clone the GitHub repository, set up your environment variables (MongoDB URI, encryption keys, etc.), and deploy on any platform that supports Python/Flask — including Docker, Render, Railway, or your own server.
Yes! SecureVault provides a RESTful API used by the browser extension. Endpoints include:
/api/extension/login — Authentication/api/extension/passwords — CRUD operations for passwords/api/extension/2fa — 2FA code retrieval/api/extension/validate — Token validationAll API requests require authentication via JWT tokens.
Step-by-step tutorials to get the most out of SecureVault.
Watch step-by-step video guides on YouTube.
Full walkthrough from registration to advanced features.
How to install, configure, and use auto-fill features.
Enable and manage two-factor authentication step by step.