Stop leaving secrets in .env files
Protect your secrets with LocalKeys

LocalKeys protects your secrets using a local, encrypted vault.
No program can access your secrets without your approval.

Buy Now - $7.99 Already purchased? Download now.

Open Source

.env Files Are Not Safe

⚠️ AI agent leaks .env

Recent research has revealed that AI agents can leak .env files through manipulated commands hidden in web results or usage documentation. Furthermore, even when access to the .env file is restricted, they bypass it using `cat .env`.

Source: Google Antigravity Attack → Cline Vulnerabilities →

🚨 No Access Control

Without proper access control, your secrets are vulnerable to malicious code, compromised dependencies, or any process running on your system.

Why LocalKeys?

🖥️ Local-first

Other secret managers need to be connected to the internet.
With LocalKeys, you don't need an internet connection. Your data never leaves your device.

😌 Easy to use

No complex setup needed.
Just move your existing env file to LocalKeys.

Quick start guide →

🔐 Enhanced Security

All your data is protected with strong encryption (AES-256-GCM). With a strong password, offline brute-force attacks become extremely difficult.

Learn more about security →

🧑‍💻 Indie-Dev Friendly

Why do other dev tools only focus on the B2B market?
LocalKeys offers high performance at a low one-time price. No subscription required.

✅ Per-request Approval

Every secret access requires your explicit approval.
No program can silently access your secrets without permission.

Learn about access control →

🔓 Open Source

LocalKeys is fully open source and transparent.
You can verify the security yourself and contribute to the project.

View on GitHub →

Comparison with other software

LocalKeys is the only tool that stores secrets locally and protects against AI agent leaks

	LocalKeys	1Password CLI	Doppler	Infisical	Dotenv Vault
Deployment	Local	Cloud	Cloud	Cloud	Cloud
Price	$7.99 one-time	$8/user/mo	$7/user/mo~	$18/user/mo~	$5-8/user/mo
Target Users	Indie ~ Teams	Indie ~ Enterprise	Enterprise	Enterprise	Teams
Learning Curve	Very low	Low	Low	Medium	Low
Encryption	AES-256-GCM	AES-256	Standard	AES-256-GCM	AES-256
Approval System	Per-request	Per-process	-	-	-
Internet	Not required *	Required	Required	Required	Required

* Internet required only for initial license activation. For third-party services, compare based on the cloud version, not the on-premises version.

Features

Needs Your Approval

For another process to use your secrets, it needs your approval.
This helps protect your secrets from malicious programs.

GUI or CLI

You can use it wherever you want, whether in a GUI or a CLI.
That means you can use it with any IDE!

Development Environment

You can securely run commands like "npm start" via LocalKeys.
There's no need to modify your existing development environment.

Roadmap

Purchase once, get all future updates free.

Upcoming

Planned

Linux support, more languages, team collaboration, etc

Send Feedback →

v1.4.0 ~ v1.4.2

Dec 20, 2025

Favorites feature, statistics and expiration notices, auto-lock, screenshot prevention, etc.

v1.3.0

Dec 17, 2025

Add secret change history and recovery, export logs, and log search

v1.2.0 ~ v1.2.1

Dec 14, 2025

Option to set secret expiration date, Add icon to UI

v1.1.0 ~ v1.1.1

Dec 6, 2025

Added imports from .env and fixed bugs.

v1.0.0

Dec 4, 2025

Initial release with encrypted vault, GUI/CLI, process approval.

Using LocalKeys has reduced my fear of secret leaks and the hassle of managing scattered env files.

— Kim, Solo Developer

Stop leaving secrets in .env files Protect your secrets with LocalKeys