

Keyhold.io is a zero-knowledge secret custody platform built for teams who need to manage credentials that aren't theirs. It provides a secure alternative to sharing passwords over Slack or email by allowing users to generate secure request links that clients can use to submit their credentials.
The platform enables users to generate secure request links that clients fill out, with encryption happening in their browser before data reaches the servers. It organizes secrets by client and project, provides full audit trails showing who accessed secrets and when, and supports both text secrets and file sharing including SSL certificates, license key files, and SSH keys. Users can request multiple secrets simultaneously through bulk requests and save templates for repeat use, while integrating with popular chat apps like Slack, Microsoft Teams, and Google Chat for notifications.
The security approach uses zero-knowledge encryption where secrets are encrypted locally in the user's browser before transmission. The system employs split-key encryption requiring two keys - one stored securely with AWS KMS and the other on the user's device. Decryption only occurs locally on the user's machine when both keys are combined, ensuring servers only handle encrypted data.
Benefits include eliminating password sharing through insecure channels like Slack and email, providing compliance-ready audit logs for security audits, reducing back-and-forth communication when onboarding clients, and maintaining organization of client credentials across multiple projects. The platform ensures peace of mind through comprehensive access tracking and secure handling of sensitive information.
The product targets MSPs, agencies, and any teams tired of having sensitive access credentials scattered across chat threads. It integrates with existing workflow tools including Slack, Microsoft Teams, and Google Chat, and uses AWS KMS for key management while maintaining a zero-knowledge architecture where the platform cannot access user data.
admin
Keyhold.io is specifically designed for MSPs, agencies, and teams who need to manage credentials that don't belong to them. It targets organizations tired of having sensitive access credentials scattered across chat threads and email chains. The platform serves professionals who require secure methods for collecting client credentials while maintaining full audit trails and compliance requirements.