giovium

Built expressly for the self-hosting community, giovium is a secure, private password manager designed for absolute data sovereignty. It pairs state-of-the-art cryptography with strict, legacy-style privacy. There are zero analytics, zero tracking, and absolutely no middlemen.

With giovium, you can use the iOS app, self-host your own server, and seamlessly sync data across all major operating systems.
Ready to self-host? Deploy your server in seconds using Docker (hub.docker.com/r/xgiovio/giovium-server) or visit giovium.com.

1. Cross-Platform Architecture
Universal Support: Available across iOS, macOS, Windows, and Linux.
Unified Codebase: Ensures maximum reliability and rapid cross-platform updates.
Optimized UI: Seamless orientation adaptation and native iPadOS Split View support.
Low Footprint: Minimal data usage and blazing-fast responsiveness regardless of vault size.

2. State-of-the-Art Security
Advanced Crypto: Employs Ed25519/X25519 for sync, XChaCha20-Poly1305 for local data, and Argon2 for password derivation.
Zero-Knowledge: Data is strictly encrypted 100% of the time. The server never possesses your keys.
Just-in-Time Decryption: Items remain encrypted in memory until precisely accessed.
Hardware Integration: Leverages native device cryptography with large, unique salts.

3. Server Deployment & Sync
Rapid Setup: Docker containers or native binaries ready in seconds.
Instant Sync: Real-time data mirroring across multiple independent servers.
Autonomous Security: Clients and servers encrypt their connection directly. No external CAs required. Deploy behind a reverse proxy or standalone.
Smart Resolution: Automatically handles out-of-sync states to prevent data duplication.

4. Data Integrity & Versioning
Append-Only Structure: Data is never permanently deleted; safely revert to previous versions of any item anytime.
Rigorous Consistency: Automatically verifies data upon unlock, and supports manual offline verification.
File Hashing: Built-in verification ensures absolute integrity for all attachments.

5. Interface & Experience
Custom Entries: Build items using text, concealed passwords, files, and an integrated TOTP authenticator (manual or QR).
Minimalist Design: Distraction-free with native Light/Dark modes and instant search filtering.
Privacy Controls: Explicitly hide specific elements from standard view.

6. Device Protection
Biometrics: Secure Enclave integration for safe Face ID/Touch ID unlocks.
Anti-Espionage: Actively blocks screen recording, background screenshots, and OS app-switcher visibility.
Smart Lock: Background auto-unlock and customizable timeouts secure the vault.

7. Backup & Ownership
Absolute Privacy: No tracking, ads, or third-party logging. Network connections strictly limited to your server.
Full Ownership: No account creation or email recovery loops. Governed entirely by your master password.
Offline Access: Manage encrypted vaults offline via the native iOS Files app or automate iCloud backups.