Credentials encrypted before storage
Client, project, platform, credential
Find anything without searching through folders
The vault follows the work.
Credals is intentionally narrower than a generic password manager. It is designed for the repeated pattern freelancers and agencies live in every day.
Built around client work
Every credential belongs to a client. That context never gets lost, no matter how many projects or platforms you add under it.
Field-level access, no friction
Retrieve only what you need: one login, one API key, without opening a folder, searching, or scrolling.
A hard boundary for sensitive data
Credentials are encrypted before they reach the database. The boundary is explicit and auditable.
One path from client to secret.
- 01
Create the client
Start where the relationship starts. The client is the top-level context for everything that follows.
- 02
Add projects
A rebuild, a retainer, a launch. Each project sits under its client, no naming conventions required.
- 03
Attach platforms and credentials
GitHub, Vercel, Stripe, store logins, tokens, and API keys exactly where you'd expect to find them.
Encrypted before it touches the database.
AES-256-GCM encryption runs client-side. Supabase Auth handles sessions. Clipboard auto-clears after 60 seconds. The boundary is explicit, not assumed.
- AES-256-GCM encryption runs client-side before storage.
- Supabase Auth manages email and password sessions.
- Copied credentials auto-clear from the clipboard after 60 seconds.
- The database stores ciphertext, not plaintext credential values.
Common questions
On Supabase (PostgreSQL). All credential values are encrypted AES-256-GCM before reaching the database. You can choose your region during account setup.
An export feature is on the roadmap — you'll be able to download a structured archive of all your encrypted credentials. The encryption is documented so your data is never trapped.
Yes — Credals is currently free while in active development. We'll always keep a free tier for individual freelancers.
Account recovery goes through your email via Supabase Auth. Encrypted credentials remain protected; the server-side encryption key is decoupled from your password.
Team sharing is on the roadmap. Today, Credals is optimized for the solo freelancer use case.
Your clients are organized. Your credentials should be too.
Move client credentials into a vault that matches how your projects are already structured. Credals is free while we gather enough usage and feedback to shape paid plans.