Encrypt-it is a password manager and secure vault for iPhone and iPad. Your passwords, logins, credit cards, secure notes, and photos are encrypted on your device with Apple CryptoKit before they are written to disk — so only you can read them.
Features
- End-to-end encryption. AES-256-GCM via Apple CryptoKit. Your master key is derived from your password and never leaves your device in plaintext.
- Post-quantum encryption for contact sharing. Secrets sent to a verified contact are encrypted with a hybrid of NIST’s ML-KEM-768 and classical ECDH — safe even against future quantum computers.
- iCloud sync. Changes you make on one device appear on your others. Apple sees only encrypted ciphertext.
- Sign in with Apple & biometrics. Unlock with Face ID, Touch ID, or Sign in with Apple instead of retyping your master password.
- Encrypted photo vault. Store sensitive photos — IDs, documents, screenshots — alongside your passwords, with the same encryption.
- Key rotation. Rotate your encryption keys on demand for added peace of mind.
- Backup & restore. Save an encrypted backup file you can restore on any device.
- No tracking, no SDKs. No analytics, no ads, no third-party libraries — only Apple frameworks.
Share a secret, securely
Encrypt-it offers two ways to share a secret. Both keep the secret end-to-end encrypted — no server in between can read it.
Quick share via link
Send any secret to anyone, no setup required. Encrypt-it generates a one-time encryption key, encrypts the secret with it, and produces a link of the form encrypt-it.app/s/…#…. The decryption key lives in the part after the #, which browsers never send to any server — so only the person you send the link to can read it. For an extra layer, attach a passcode you give the recipient out-of-band; without it, the link alone won’t open the share. Links can be set to expire or to self-destruct after the first read.
Direct share with a contact
Once you and the recipient have exchanged identities (a quick QR scan), you can send them a secret as a sealed envelope. The envelope is encrypted using a hybrid post-quantum scheme: NIST’s ML-KEM-768 combined with classical P-256 ECDH. Your shared secret stays protected as long as either scheme remains unbroken — safe today, and safe against future quantum computers. The envelope is also signed with your identity key, so the recipient can confirm it really came from you.