Guides/For a job

Encrypt source-code secrets without a hosted vault

A hosted secrets vault is overkill for a solo developer with three side projects. Elba lets you keep every .env file, API key, and deploy note in a single sealed folder on your own machine.

A folder per project, or one for all

Small teams often prefer one vault per project so a shared password is scoped. Solo devs get away with one vault and a well-organised tree.

Sharing with a collaborator

Copy the sealed folder to a shared drive and hand over the password out of band. No account creation, no seat pricing.

Questions people actually ask

Can CI pull secrets from an Elba vault?
No — CI needs a machine-readable secret store. Elba is for the human-facing side (local dev, deploy notes, private keys you rotate rarely).
Is this as safe as HashiCorp Vault?
For one person, yes. For a team with rotation and audit needs, you want a real vault.

Take the island

Elba is one HTML file. It runs locally in a Chromium browser, seals a folder with AES-256-GCM, never phones home, and becomes open source on 1 January 2030.

  1. €49MMXXVI· now ·
  2. €39MMXXVII2027
  3. €29MMXXVIII2028
  4. €19MMXXIX2029
  5. FreeMMXXX2030

the price falls each year · free to all 1 jan 2030

pay once · no account · nothing leaves

Related guides