Keying is an open-source password manager that lives entirely on your device. One encrypted file. AES-256-GCM. Your master password derives the key — and never leaves the machine it was typed on. There is no Keying server because there is nothing for one to do.
Every other password manager makes you trust a server you can't see, run by people you'll never meet, paid for by a subscription that resets if you stop. The whole point of a password manager is to raise the cost of stealing your data — yet the standard architecture is one breach away from leaking every credential you own.
Keying takes the opposite bet. Your vault is a single encrypted file on your Mac. The key is derived from your master password using PBKDF2 with 600,000 iterations and immediately wraps a random data key. The plaintext only exists in process memory, only while the app is unlocked, only on the machine you typed the password into.
There is no cloud. There is no account. There is no analytics endpoint phoning home with your usage. The browser extension talks to the app on 127.0.0.1. The only outbound network request the app ever makes is a release-check against GitHub — and you can block it.
Every feature pulls its weight. No "Keying Cloud Premium." No nags. No analytics. Just the things a password manager actually has to do, executed with care.
Your master password runs through PBKDF2-SHA256 with 600,000 iterations to derive a key. That key wraps a random data key, which encrypts the vault file. The data key is invisible to anyone — including the app's author. Brute-force is computationally absurd on consumer hardware.
The encryption key is held in macOS Keychain, gated by your fingerprint. Faster than typing — same security boundary.
Every entry can hold a TOTP secret. Keying generates the 6-digit code locally and copies it on click — no separate authenticator app, no QR ritual.
A small extension for Chrome, Edge, Brave, Arc, and Firefox talks to the app over 127.0.0.1:17321 — and only with a per-browser token you confirm with a 6-digit code.
During setup Keying generates a recovery key and asks you to print it. If you forget your master password, the recovery key resets it. Lose both, and the data is unrecoverable — by design.
Bitwarden JSON or CSV, 1Password CSV, iCloud Keychain CSV, generic browser exports. Round-trip your data back out as encrypted backup, Bitwarden JSON, or CSV. Your data doesn't get held hostage.
The DMG is signed and notarized. On first launch you pick a master password and Keying prints a recovery key.
Install the extension. A 6-digit code in the app + extension confirms the pairing. After that, autofill works on every site.
Use Keying. Back up the vault file when you want — same master password unlocks it on any Mac.
Every security product needs an honest threat model. Marketing copy that says "military-grade" is meaningless. Here's what Keying guarantees and where it stops.
See crypto.ts for the primitives.
A stolen vault.enc is unreadable without your master password or recovery key. 600k PBKDF2 iterations make brute-force impractical on consumer hardware.
No server, no syncing, no telemetry. The only outbound request the app makes is to GitHub for release checks — and you can block it.
The bridge binds to loopback only. Each browser carries its own bearer token, issued only after you confirm a 6-digit code in the app.
Once your vault is unlocked, the encryption key sits in process memory. A compromised macOS, a kernel-level keylogger, or someone with physical access to your unlocked Mac can defeat Keying — same as any password manager.
Forget both your master password and your recovery key, and the data is gone. There is no Keying support to call — that's the price of zero-knowledge.
import { randomBytes, pbkdf2Sync, createCipheriv } from "crypto"; const PBKDF2_ITERATIONS = 600_000; const PBKDF2_KEYLEN = 32; const PBKDF2_DIGEST = "sha256"; export function deriveKey(masterPassword: string, salt: Buffer): Buffer { return pbkdf2Sync(masterPassword, salt, PBKDF2_ITERATIONS, PBKDF2_KEYLEN, PBKDF2_DIGEST); } export function encryptWithKey(key: Buffer, plaintext: string, salt: Buffer): EncryptedBlob { const iv = randomBytes(12); const cipher = createCipheriv("aes-256-gcm", key, iv); const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]); const tag = cipher.getAuthTag(); return { v: 1, salt: salt.toString("base64"), iv: iv.toString("base64"), tag: tag.toString("base64"), ct: ct.toString("base64"), iterations: PBKDF2_ITERATIONS }; } // That's it. AES-256-GCM, 12-byte IV per encrypt, 16-byte auth tag, PBKDF2 with 600k rounds. // The DEK wraps under both the password-derived key and a recovery-key-derived key.
vault.enc that opens with the same master password on any Mac. Drop it into ~/Library/Application Support/Keying/ to restore. For migrations to another password manager, export as Bitwarden JSON or CSV.
vault.enc in iCloud Drive, Dropbox, or any folder that gets synced. Because the file is encrypted on disk, the sync service sees only ciphertext.
electron/crypto.ts), the vault format is documented in electron/vault.ts, and the local bridge protocol is in electron/bridge.ts. Around 4,000 lines of TypeScript total.