CredManager
AES-256-GCM encrypted · Mandatory 2FA

Credential management built for teams

Securely store and share passwords across your organisation. Fine-grained access control, full audit logging, and end-to-end envelope encryption — all in one place.

Sign in

Everything you need

Envelope encryption

Each credential is encrypted with its own unique DEK. DEKs are encrypted with your master key — passwords are never stored in plaintext.

Mandatory 2FA

Every account requires TOTP two-factor authentication. There is no opt-out — security is enforced, not optional.

Multi-tenant organisations

Group credentials by organisation and grant per-user read or write access. Clients only ever see what they're supposed to.

Role-based access

Admins manage organisations, users, and all credentials. Clients get a clean portal view limited to their assigned organisations.

Full audit log

Every create, update, delete, and credential view is logged with the user, timestamp, and IP address. Nothing goes unrecorded.

Secure password generator

Generate cryptographically secure passwords of any length with configurable character sets, directly in the credential form.

See it in action

Everything your team needs, nothing they don't

Organisations

Manage all your clients in one place

Every client gets their own organisation. See credential counts, assigned users, and active status at a glance. Search across all organisations, filter by status, and archive clients you're no longer actively managing — without losing their data.

Organizations page

Credentials

Every password, searchable and tagged

Browse every credential across all organisations in a single table, or filter down by organisation and tag. Passwords stay masked until you choose to reveal them. Service favicons make scanning the list fast, and tags keep everything organised.

Credentials page

Client portal

A clean view for your clients

Client accounts log in to a focused portal showing only the organisations they've been granted access to, with their permission level clearly labelled. No admin controls, no other clients' data — just exactly what they need.

Client portal

User management

Full control over who has access

Create admin and client accounts, promote or demote users between roles, reset passwords, and see at a glance how many organisations each user is assigned to. Filter by role to quickly find who you're looking for.

Users page

Audit log

A complete record of every action

Every credential view, update, access grant, and organisation change is recorded with the user, timestamp, and IP address. Filter by user or action type to investigate activity quickly. Nothing is left unlogged.

Audit log page

Two-factor authentication

Security that can't be skipped

Every account must set up TOTP two-factor authentication before first use. On each login, a 6-digit code from the user's authenticator app is required after the password — auto-submitting as soon as the code is complete.

2FA setup screen

Initial setup

2FA verification screen

Every login

Security at every layer

Every credential is encrypted with a unique key using AES-256-GCM envelope encryption. Master keys never touch the database. Two-factor authentication is mandatory for all accounts, and every action is written to an immutable audit log.

Get in touch

Interested in CredManager?

Tell us a bit about your team and what you're looking for. We'll get back to you shortly to help you get started.