One secret. Every password. Nothing to breach.

Keygrain derives unique passwords from a single secret you remember. No vault. No database. No account. Just math.

Free and open source · Works offline · All platforms

Try Web Generator Download

How it works

Remember one secret. Get a unique password for every site.

Your one secret

set once: you@mail.com

↓ just add a site

github.comkX9m#P2vL$nQ7w

gmail.comhT4&Bm8pJ!kY2rW

netflix.comQn6$wR3mXt@Lp9v

Same secret + any site = unique password. Computed locally, never stored.

Designed to minimize attack surface.

64 MiB memory, 3 iterations. Makes brute-force attacks against your secret computationally expensive (~1s per guess).

No password database exists. Passwords are recomputed on demand. There is nothing to breach.

Site configurations (not passwords) sync between devices using AES-GCM encryption derived from your secret. The server sees only ciphertext.

Free and open source. No account required.

Coming soon

Chrome, Edge, Brave, Arc

Coming soon

Firefox 109+

Download APK

Android 8+ · No Play Store needed

pip install keygrain

Python 3.10+ · CLI + library