Introducing Pyalm Vault: A Zero-Knowledge Password Manager for Developers
Pyalm Vault stores your test, company, and personal credentials — encrypted end-to-end and segregated by type and company — across a web app and a Chrome extension that share one vault.
Every developer ends up with the same mess: a throwaway login for a staging environment, real credentials for the company dashboard, an API console account, a personal email, and a dozen test users you invented at 2am and immediately forgot. Sticky notes, a .env you keep meaning to delete, a text file called passwords_final_v2.txt. Pyalm Vault is built to end that — a password manager designed specifically for how developers actually accumulate and use credentials.
What is Pyalm Vault?
Pyalm Vault is a zero-knowledge password manager for developers. It stores three kinds of secrets side by side — test credentials, company credentials, and personal credentials — and keeps them cleanly separated so the right one is always a click away. You reach your vault from two places that share the same encrypted store:
- A web app for full management — add, edit, organise, and search everything.
- A Chrome extension for quick access, filtering, and one-click autofill while you work.
Because both are clients of the same backend, an entry you create in the extension shows up in the web app, and vice-versa.
Zero-knowledge, not just "encrypted"
Plenty of tools claim to be "encrypted." Pyalm Vault is zero-knowledge, which is a stronger promise: your master passphrase never leaves your device.
Here is what that means in practice:
- Your passphrase derives an encryption key client-side. The server never receives the passphrase, the derived key, or your vault key in plaintext.
- Every entry — its label, type, company, identity, password, URL, and notes — is encrypted before it leaves your browser or extension using AES-GCM.
- The server only ever stores ciphertext with no readable metadata. If someone dumped the database, they would see opaque blobs and nothing else.
There is a deliberate trade-off: a forgotten master passphrase is unrecoverable. There is no backdoor and no reset link, because a backdoor would defeat the entire model. That is the point.
Segregation: Test vs Real, grouped by company
The feature developers feel every day is segregation. Every entry is tagged Test or Real and grouped by Company, so you can:
- Flip to a Test or Real tab instantly.
- Filter by company to jump straight to "Acme — Real" or pull up every test account you created for one project.
- Search across the decrypted set in the moment you need it.
All of this filtering happens client-side after decryption, so segregation never costs you privacy — the server has no idea which entries are test, real, or which company they belong to.
Generate disposable test credentials
Testing signup and login flows means inventing accounts constantly. Pyalm Vault includes a test credential generator that produces a unique, disposable identity on demand: a fresh test+slug@example.com address, a random username, and a crypto-strong password. New generated entries default to Test, so your throwaway accounts stay out of your real credentials — and out of your head.
Autofill where you're already working
The Chrome extension does more than list passwords. It can autofill directly into the active tab — filling the first visible email or username field and the password field, and dispatching the right events so React and Vue forms actually register the input. Unlock the extension, pick the entry, and you're signed in. When no login fields are found, it tells you instead of failing silently.
Locks itself when you step away
The key that decrypts your vault lives in memory only. After a period of inactivity, or when you close the tab or the extension popup, the vault auto-locks and clears itself — you re-unlock with your passphrase to continue. Your decrypted data is never sitting around waiting to be scraped.
Who it's for
Pyalm Vault is aimed squarely at developers and technical teams who live across many environments and accounts:
- Keep staging and test logins separate from production credentials.
- Store company tools (dashboards, consoles, admin panels) organised per client or product.
- Keep personal logins in the same vault without mixing them into work.
Get early access
Pyalm Vault joins Pyalm's family of focused products built in Dubai. If credential sprawl sounds familiar, reach out for early access — we'll walk you through the security model, setup, and loading the extension for your own use.