Available on iPhone & iPad

KEYFORGE

Forge your passwords. Remember only two things. No vault. No storage. Just security.

SHA-256 Cryptographic Hashing  ·  Nothing stored. Ever.

How It Works

Three steps.
Zero storage.

KeyForge uses SHA-256 cryptographic hashing — the same standard used by banks and security professionals — to derive a unique, strong password from two simple inputs you already know.

01
Enter your Master Key

One secret key that never changes. Use it for every site, every time.

02
Enter your Unique Key

A simple identifier for each site — like "amazon" or "gmail". Easy to remember, different every time.

03
Tap Generate

KeyForge instantly forges a strong, unique password. Copy it, use it, done. Nothing is saved anywhere.

Your Keys

Two things.
All your passwords.

Stop memorizing dozens of complex passwords. KeyForge only needs two pieces of information — and you already know both of them.

Key One

Master Key

Your one secret key that never changes. Choose anything meaningful to you — a phrase, a word, a combination. Keep it private and use it for every site.

Example: ExampleMaster

Key Two

Unique Key

A simple identifier that changes per site. The website name works perfectly. Same format every time — just swap the site name.

Amazon: amazon    Gmail: gmail

Security

Built different.
By design.

KeyForge was built with a single philosophy — your passwords should never exist anywhere except in the moment you need them.

🔒

Nothing stored. Ever.

KeyForge never saves, transmits or logs your passwords, Master Key or Unique Key. Nothing persists between sessions.

🔑

You are the password manager

Only you can recreate your passwords. There is no server, no database and no account that could ever be compromised.

SHA-256 Hashing

Powered by Apple's CryptoKit framework using SHA-256 — the same cryptographic standard trusted by financial institutions worldwide.

🛡️

One-way generation

A generated password can never be reverse engineered to reveal the keys used to create it. The math simply does not work in reverse.

🔤

Case sensitive

Master Key and Unique Key are both case sensitive. Uppercase and lowercase letters produce completely different passwords.

📵

Works offline

KeyForge requires no internet connection. No data ever leaves your device. Fully functional in airplane mode.

Password Rotation

Compromised?
Just rotate.

If a password is ever compromised or you simply want to update it, use the optional Version field. Add any label and KeyForge forges a completely new password for the same site — no Master Key or Unique Key changes needed.

The version label is appended visibly to your password so you always know which version was used to generate it.

A(^m7)Z3! — original
A(^m7)Z3!_v2
A(^m7)Z3!_2024
A(^m7)Z3!_compromised

Legal

Privacy Policy

Effective Date: April 15, 2026

Overview

KeyForge ("the App") is a password generation utility developed by Brian McAlister. This Privacy Policy describes how the App handles your information. The short version: we collect nothing, store nothing, and transmit nothing.

Information We Do Not Collect

KeyForge does not collect, store, transmit, or share any personal information of any kind. Specifically, the App does not collect:

— Your Master Key or Unique Key inputs

— Generated passwords

— Device identifiers or usage data

— Location data

— Crash reports or analytics

— Any other personally identifiable information

How The App Works

KeyForge operates entirely on your device. When you enter a Master Key and Unique Key and tap Generate, the App performs a cryptographic hash operation locally using Apple's CryptoKit framework. The result is displayed on screen and optionally copied to your clipboard.

No data is sent to any server. No data is written to disk between sessions. When you close the App, all inputs and outputs are gone.

Clipboard Usage

When you tap the Copy button, your generated password is temporarily placed on your device clipboard to allow pasting into other apps. The App automatically clears the clipboard after 60 seconds for your security. The clipboard contents are never transmitted or stored by KeyForge.

No Internet Connection Required

KeyForge does not require or use an internet connection at any time. The App is fully functional offline. No network requests are made by the App under any circumstances.

Third Party Services

KeyForge does not integrate with any third party services, analytics platforms, advertising networks or crash reporting tools. The only framework used for password generation is Apple's own CryptoKit, which operates locally on your device.

Data Security

Because KeyForge stores no data, there is no data to secure, breach or expose. Your Master Key and Unique Key exist only in your memory and briefly on your device screen while you use the App. Generated passwords exist only on screen and optionally in your clipboard for up to 60 seconds.

Children's Privacy

KeyForge does not collect any information from any users, including children under the age of 13. The App is compliant with the Children's Online Privacy Protection Act (COPPA) by virtue of collecting no data whatsoever.

Changes To This Policy

If this Privacy Policy changes in the future, the updated policy will be posted at this URL with a revised effective date. Since the App collects no data, any future changes would only apply if the App's functionality changes in a way that involves data collection, at which point users will be notified.

Contact

If you have any questions about this Privacy Policy or the App's privacy practices, please contact:

Brian McAlister
Developer, KeyForge

Available Now

Ready to forge?

Download KeyForge free on the App Store for iPhone and iPad.

Download on the App Store