Zero-knowledge encryption

Your passwords, sealed before they leave your device

Aegis is a password manager built on a simple promise. We never see your secrets. Everything is encrypted locally with a key derived from your master password, which never touches our servers.

Create your vaultGet the extension
Chrome and Edge Unlimited passwords free 7 day Pro trial No tracking
aegis vault

github.com

you@dev.com

stripe.com

founder@aegis.app

vercel.com

deploy@aegis.app

256 bit

AES-GCM encryption

600,000

PBKDF2 rounds on your device

0

passwords stored in plain text

1 click

to autofill any login

Set up in a minute

How Aegis works

Three steps from chaos to one click logins.

1

Create your vault

Pick one master password. It never leaves your device, and it is the only key to everything.

2

Add the extension

Install Aegis on Chrome or Edge and sign in. Your vault unlocks locally in the browser.

3

Log in with one click

Aegis detects the site you are on and fills the right login. No typing, no copy and paste.

Everything you need, nothing you do not

Strong cryptography applied where it counts, wrapped in a calm, fast interface.

Zero-knowledge by design

Your passwords are encrypted on your device with a key only you hold. Our servers store ciphertext and nothing else.

AES-256-GCM vault

Every entry is sealed with authenticated encryption under a random vault key.

Autofill that knows the site

The Chrome and Edge extension matches the exact domain you are on.

Built in generator

Create long, random passwords in one tap and save them straight to your vault.

Fast and out of the way

Unlock once and fill logins in a click. Auto-lock clears your keys after inactivity.

No ads, no tracking

No analytics on your vault, no selling data. The product is the subscription, not you.

How zero-knowledge works

The server cannot read what it never receives

When you sign in, Aegis turns your master password into an encryption key using 600,000 rounds of PBKDF2, entirely in your browser. That key unlocks your vault locally. We only receive an opaque login value and encrypted blobs.

  • Master password never sent over the network
  • Vault items encrypted with AES-256-GCM before upload
  • Forgotten master password cannot be recovered, by design

# on your device

masterKey = PBKDF2(password, 600k)

authHash = PBKDF2(masterKey, password)

vaultKey = random 256 bit

cipher = AES_GCM(vaultKey, secret)

# sent to Aegis

authHash, wrap(vaultKey), cipher

# never sent

password, masterKey, vaultKey, secret

Simple pricing

Start free. Upgrade when you need more than three.

Free

Freeforever
  • Unlimited passwords and secure notes
  • Zero-knowledge encryption
  • Chrome and Edge extension
  • CSV import and strength checks
Start free
Most popular

Pro

$2.99per month
  • 2FA codes and breach alerts
  • Cards, identities and folders
  • One-click change, generator, backups
  • Vault health, favorites, filters
  • 7 day free trial, cancel anytime
Start 7 day free trial

Questions, answered

What happens if I forget my master password?

Because only you hold the key, Aegis cannot reset or recover it. That is the trade-off of true zero-knowledge. Keep your master password somewhere safe.

Which browsers are supported?

Chrome and Edge today, loaded from a downloadable extension. Both are Chromium based, so the same build works on each.

What does the free plan include?

Unlimited saved passwords with the full encryption, the extension, CSV import, and strength checks. Pro adds the vault health dashboard, password generator, backups, favorites, filters, and more for 2.99 dollars a month with a 7 day free trial.

Can Aegis or anyone on your team see my passwords?

No. We only ever receive encrypted blobs and a one way login value. There is no plaintext on the server to read, leak, or hand over.

Take back control of your logins

Set up your vault in under a minute. Unlimited passwords on the free plan, no card required.

Create your vault Download extension
Aegis - Zero-Knowledge Password Manager