Zero-Knowledge Architecture

Your Keys. Your Identity.
Unstoppable.

24 words. That's all you need. No email, no account, no server dependency. Even if we disappear, your passwords survive.

Get Started FreeView Security Model

Three Pillars of Digital Identity

One vault. Complete control. Zero compromise.

Zero-Knowledge Passwords

AES-256-GCM encryption. SRP-6a mutual authentication. Your master password never leaves your device.

Argon2id (64MB, 3 iter) + HKDF sub-keys

Authorization Lifecycle

OAuth tokens, API keys, service accounts -- centralized management with auto-refresh and instant revocation.

Encrypted token storage + expiry alerts

AI Agent Gateway

MCP protocol lets AI assistants securely access credentials under policy-controlled, fully audited access.

WebSocket MCP + Policy Engine + Audit Chain

How It Works

01

Generate Seed

24 words generated on your device. No email needed.

02

Derive Keys

All encryption keys derived from your seed phrase.

03

Use Anywhere

Browser, extension, or AI agent via MCP protocol.

04

Recover Anytime

24 words = full recovery. Even without us.

End-to-End Encrypted
Open Source
SOC 2 Type II
No Data Mining

The Unstoppable Promise

What makes Auth Box different from every other password manager.

No Email Required

Create a vault in 45 seconds. No signup, no account, no email.

Survive Without Us

If Auth Box disappears tomorrow, your vault still works. Your seed phrase is the only key.

Passwords Without Storage

Derive passwords deterministically from your seed + site name. Vault can be empty.

Import Everything

Migrate from 13 password managers: Apple, Google, Chrome, Firefox, 1Password, Bitwarden, and more.

Encryption Architecture

Your master password derives three independent keys. The server never sees any of them.

Master Password
Argon2id KDF
Master Key
HKDF Derivation
Auth Key
SRP-6a login
Encryption Key
Vault key wrap
MAC Key
Integrity check