Vaultaro is a self-hosted, white-label password and secrets manager built on a true zero-knowledge architecture. Every secret is encrypted in the browser with libsodium before it ever reaches the server, so the server only ever stores ciphertext even the operator can never read user data.

It ships with full Laravel 13 + React 19 source, a guided installer, and a runtime white-label admin so you can rebrand it as your own in minutes without touching code. Built for individuals, families and teams: collections and granular sharing,

SSO/SCIM, passkeys, emergency access, audit logging, reports, and more.

• Zero-knowledge end-to-end encryption (libsodium, Argon2id; server stores only ciphertext)
•  5 item types: logins, secure notes, cards, identities, SSH keys plus folders, tags, attachments, comments
• Secret history/versioning, password generator + strength meter, Have-I-Been-Pwned breach check
• Import from Bitwarden, LastPass, Dashlane, 1Password, Chrome, Firefox, Safari; encrypted export
• Send self-destructing secret links + public "Quick Send" (no account required)
• Personal + team vaults, roles (Owner/Admin/Member), collections & groups with granular sharing, access requests
• 2FA (TOTP), passkeys/WebAuthn, trusted devices, emergency access, account recovery
• SSO (OIDC + SAML), SCIM v2 provisioning, directory sync, per-team SMTP
• Full audit log, security intelligence advisor, reports (CSV/print), branded email notifications, in-app notifications
• 15 enforceable security policies
• 100% runtime white-label (name, colour, logo, favicon, emails), light/dark, PWA, multi-language
• Guided web installer (no SSH needed) + CLI setup; 470+ automated tests

• PHP 8.3+ with extensions: sodium (required), pdo_mysql or pdo_pgsql, mbstring, openssl, fileinfo, ctype, json
• MySQL 5.7+/8, PostgreSQL, or SQLite
• Writable .env, storage/, and bootstrap/cache/

1. Upload and extract the ZIP; point your domain at the public/ folder.
2. Visit your domain - the guided installer runs (database → admin → branding). It self-provisions the app key and runs migrations automatically; no SSH required.
3. Prefer the terminal? Run: php artisan client:setup.
4. Full documentation is included in the download under docs/ (INSTALL.md).