FAQ

Common questions

Everything people ask about how Credals stores, encrypts and protects credentials, in one place.

On Supabase (PostgreSQL). All credential values are encrypted AES-256-GCM before reaching the database. You can choose your region during account setup.

An export feature is on the roadmap. You'll be able to download a structured archive of all your encrypted credentials, and the encryption is documented so your data is never trapped.

Yes. Credals is currently free while in active development, and we'll always keep a free tier for individual freelancers.

Account recovery goes through your email via Supabase Auth. Encrypted credentials remain protected; the server-side encryption key is decoupled from your password.

Team sharing is on the roadmap. Today, Credals is optimized for the solo freelancer use case.

Every credential value is encrypted with AES-256-GCM before it is written to the database. GCM is an authenticated encryption mode, so each stored value carries an authentication tag that detects tampering. The database only ever holds ciphertext, so the plaintext of a key, token or password is never persisted.

Supabase provides the PostgreSQL database and authentication, and Vercel hosts the application. We keep the third-party surface deliberately small so the trust boundary stays easy to reason about.

Around four levels that match how freelance work is actually structured: Client → Project → Platform → Credential. You always retrieve a secret from the same place you'd expect to find it.

You can delete your account at any time, which removes your stored data. A structured export of your encrypted credentials is on the roadmap so you're never locked in.

Copied values auto-clear from the clipboard after 60 seconds, so a secret doesn't linger where another app could read it.