Private by design.

Share 2FA codes.
Never the secrets.

OTP Vault lets your team share two-factor codes without exposing the underlying secrets. Everything is encrypted in your browser before it reaches the server.

OTP Vault desktop app showing 2FA account cards with rotating codes
End-to-end encryptionBrowser-first lockingSecure key sharingTeam directory syncTamper-proof audit logRuns on your server

Features

Built like a bank vault.
Feels like the apps you love.

  • We can't read your secrets

    Your 2FA accounts are encrypted in your browser before they leave your device. Even if someone accessed the database, it would be useless.

  • Codes stay out of sight

    Copy-only by default. The 6-digit code lands in your clipboard and is wiped from memory moments later.

  • Share by team or project

    Organize accounts by team, environment, or vendor. Each device gets its own securely wrapped key so access stays controlled.

  • Unique keys for every account

    Each 2FA account gets its own encryption key, protected by your team's vault key. If one key is ever compromised, the rest stay safe.

  • Clear, tamper-evident audit log

    Every access is recorded in a tamper-evident log. If someone tries to rewrite history, it shows up immediately.

  • Run it on your own server

    Deploy with one command on the server you control. Connect it to your identity provider to manage users and teams.

How it works

Four simple steps. The server never sees a thing.

We wrap each secret in multiple layers of encryption. Even a full database breach would reveal nothing useful.

Start using OTP Vault
  1. 01

    Add a 2FA account

    In the browser, we create a unique key just for that account and lock the secret with it.

  2. 02

    Lock it with your team's key

    That account key is then encrypted with your team's vault key — which only lives on approved devices.

  3. 03

    Store it encrypted

    The server receives encrypted data only. No raw secret, no account key, no vault key. It stores what it cannot read.

  4. 04

    Paste the code when you need it

    On an approved device, the 6-digit code lands in your clipboard. All keys are wiped from memory moments later.

In use

Teams that stopped
pasting codes into Slack.

We ripped a shared 2FA spreadsheet out of Notion the day we deployed this. Devs stopped complaining, security stopped losing sleep.
Priya Ranganathan
Head of Platform, Northwind
Copy-only codes are the killer feature. Nobody types anything, nobody screenshots anything, and secrets never touch the screen.
Marco Aldini
Staff SRE, Halide Labs
Self-hosted, team-directory sync, and a secure audit log. Our auditors literally said 'oh — good.'
Jenna Okafor
CISO, Vellum Health

Ship it today

Stop sharing secrets in plain text.
Start today.

  • Free for small teams
  • Set up in minutes
  • Works with your team directory