Share access, not passwords.

Credals is the encrypted credential vault built for freelancers. Organize every login, API key and 2FA code by client, project and platform, and hand off access without ever exposing a password.

ClientProjectPlatformCredential
acme-co / website-rebuild / Stripe
Stripe · Secret key
Copy
clipboard clears in 60s
encrypt value → AES-256-GCM
store: 9f2a·c7e1·04bd·88a3·…·b40d ciphertext only
104 platforms

Built-in templates with the right fields for Stripe, AWS, Vercel, GitHub and more

AES-256-GCM

Credentials encrypted before they ever reach the database

60 seconds

Copied secrets auto-clear from the clipboard

Features

The vault follows the work.

Credals is intentionally narrower than a generic password manager. It is designed for the repeated pattern freelancers and agencies live in every day: a client, their projects, the platforms those projects run on.

01
Client
02
Project
03
Platform
04
Credential

Share with clients and collaborators

Hand a client or project to another Credals user as viewer or editor. Invite links are single-use and expire in 7 days, and you can see who copied what.

Live 2FA codes

Store a platform's 2FA setup key and Credals shows the rotating 6-digit code right next to the login, computed in your browser.

Password health

One report flags breached, weak, reused and stale passwords across every client, with an overall score. Breach checks never send your passwords anywhere.

Import from your old manager

Bring logins over from Chrome, Bitwarden or 1Password with a CSV export. Each one lands as its own platform, encrypted on arrival.

Copy from anywhere

Press Ctrl+K, type a few letters, and copy any credential without leaving the keyboard or opening a single folder.

Generate strong secrets

A password and passphrase generator on every secret field, built on the browser's cryptographic randomness. No more password123.

One path from client to secret.

  1. 01

    Create the client

    Start where the relationship starts. The client is the top-level context for everything that follows.

  2. 02

    Add projects

    A rebuild, a retainer, a launch. Each project sits under its client, no naming conventions required.

  3. 03

    Attach platforms and credentials

    Pick from 104 platform templates or import a CSV from your old manager. Fields auto-save as you type, already encrypted.

Encrypted before it touches the database.

AES-256-GCM encryption runs before storage, so the database only ever holds ciphertext. The boundary is explicit, not assumed.

AES-256-GCM

Every value is encrypted with a unique IV before anything is written, so the database only ever holds ciphertext.

Row-level security

Ownership is checked on every request, the whole way down the client, project, platform and credential chain.

Clipboard auto-clear

Copied credentials wipe from the clipboard after 60 seconds, so secrets do not linger after a paste.

k-anonymity breach checks

Password health flags breached logins without your passwords ever leaving the server.

Common questions

On Supabase (PostgreSQL). All credential values are encrypted AES-256-GCM before reaching the database. You can choose your region during account setup.

An export feature is on the roadmap. You'll be able to download a structured archive of all your encrypted credentials, and the encryption is documented so your data is never trapped.

Yes. Credals is currently free while in active development, and we'll always keep a free tier for individual freelancers.

Account recovery goes through your email via Supabase Auth. Encrypted credentials remain protected; the server-side encryption key is decoupled from your password.

Team sharing is on the roadmap. Today, Credals is optimized for the solo freelancer use case.

Free while we build with users

Your clients are organized. Your credentials should be too.

Move client credentials into a vault that matches how your projects are already structured. Credals is free while we gather enough usage and feedback to shape paid plans.