The problem
A password manager must protect sensitive data without making connectivity a requirement. Vaulta was designed around an offline-first premise: credentials stay under the device owner’s control and the encrypted format must detect modification.
The solution
The application derives keys with Argon2id and protects content with AES-256-GCM. Android supports biometric unlock, while Windows can integrate with Windows Hello when the system supports it. The product is distributed for both platforms through public releases.
Security decisions
- Authenticated encryption: AES-256-GCM protects confidentiality and integrity.
- Hardened derivation: Argon2id strengthens the key derived from the master password.
- Biometrics for convenience: operating-system unlock complements the model; it does not replace vault encryption.
- Transparency: published source and binaries allow people to inspect the implementation and try the product.
Important limitation
Vaulta is not described as immune to vulnerabilities. The project has not undergone an external cryptographic audit, and that limitation belongs in any risk assessment.