George Orwell — 1984

"If you want to keep a secret, you must also hide it from yourself."

We did. Your Sealed key is derived in your browser from your Touch ID. Our servers have never seen it. They could not decrypt your private fields even if they wanted to. Or anybody else.

Get hosted — $12/yr Self-host free →
AI Agent You only L1 — AI can read github_token ssh_key totp_github oauth_slack L2 — you only credit_card cvv passport ssn

The problem

Every password manager was built before AI agents existed. Now they need to catch up.

All-or-nothing is broken

All others give your AI agent access to everything in your vault, or nothing at all. Your AI needs your GitHub token — it shouldn't also see your passport number.

Policy isn't security

"AI-safe" vaults still decrypt everything server-side. If the server can read it, it's not truly private. Math beats policy every time.

Agents need credentials — and 2FA

Your AI can't log in, pass two-factor, or rotate keys without access. vault1984 lets it do all three — without exposing your credit card to the same pipeline.

How it works

"Your assistant can book your flights.
Not read your diary."

Every field is encrypted. But some get a second lock. That second key is derived from your fingerprint and only exists in your browser. We hold the safe. Only you hold that key.

Agent fields

AI-readable

Encrypted at rest, decryptable by the vault server. Your AI agent reads these via MCP.

  • API keys & tokens
  • SSH keys
  • TOTP 2FA codes — AI generates them for you
  • OAuth tokens
  • Structured notes
Sealed fields

Touch ID only

Encrypted client-side with WebAuthn PRF. The server never sees the plaintext. Ever.

  • Credit card numbers
  • CVV
  • Passport & SSN
  • Private signing keys
  • Private notes

Built different

Not another password manager with an AI checkbox. The architecture is the feature.

Field-level AI visibility

Each field has its own encryption tier. Your AI reads the username, not the CVV. Same entry, different access.

WebAuthn PRF

Sealed encryption uses WebAuthn PRF — a cryptographic key derived from your biometric hardware. Math, not policy. We literally cannot decrypt it.

AI-powered 2FA

Store TOTP secrets as Agent fields. Your AI generates time-based codes on demand via MCP — no more switching to your phone.

Scoped MCP tokens

Create separate MCP tokens per agent. Each token sees only its designated entries. Compromise one, the rest stay clean.

One binary, one file

No Docker. No Postgres. No Redis. One Go binary, one SQLite file. Runs on a Raspberry Pi. Runs on a $4/month VPS.

LLM field mapping

Import from any password manager. The built-in LLM automatically classifies which fields should be Agent vs Sealed.

10 agents.
Each gets exactly what it needs.

Create scoped MCP tokens per agent. One compromised agent exposes one scope — not your entire vault.

~/.claude/mcp.json

{
  "mcpServers": {
    "vault-dev": {
      "url": "http://localhost:1984/mcp",
      "headers": { "Authorization": "Bearer mcp_dev_a3f8..." }
    },
    "vault-social": {
      "url": "http://localhost:1984/mcp",
      "headers": { "Authorization": "Bearer mcp_social_7b2e..." }
    }
  }
}
vault 1984 Agent 1 dev Agent 2 social Agent 3 finance Agent 4 infra Agent 5 deploy github ssh gitlab twitter slack discord stripe plaid aws k8s docker vercel netlify

Don't want to run it yourself?

We host vault1984 across 22 regions on every continent. $12/year. Pick your region at signup.

Your Sealed keys are derived in your browser. We mathematically cannot read your private fields.

See hosted plans → Self-host guide

Up and running in 30 seconds

One command. No dependencies.

Terminal

# Self-host in 30 seconds
$ curl -fsSL vault1984.com/install.sh | sh
$ vault1984
# Running on http://localhost:1984

MCP config for Claude Code / Cursor / Codex

{
  "mcpServers": {
    "vault1984": {
      "url": "http://localhost:1984/mcp",
      "headers": { "Authorization": "Bearer mcp_your_token_here" }
    }
  }
}

Full install guide →