Open Source Encryption Software
Encryption is only as trustworthy as your ability to verify the implementation and keep control of the keys - a closed tool asks you to take both on faith, which is the one thing you cannot afford when the data is sensitive. The open source tools here let you read exactly how data is sealed and where keys live, so the recovery path stays in your hands and nothing depends on a company still existing years from now.
HashiCorp Vault
Secrets management, encryption as a service, and privileged access management
KeePassXC
Offline, encrypted password manager that stores your vault in a local KDBX file you control
age
Simple file encryption with small explicit keys, post-quantum support, and UNIX-style composability
SOPS
Editor for encrypted YAML, JSON, ENV, INI, and binary files with KMS, age, and PGP
Cryptomator
Client-side cloud encryption that keeps files private before they reach Dropbox, Google Drive, OneDrive, and more
KeeWeb
Browser and desktop password manager that opens and creates KeePass kdbx vaults
VeraCrypt
Open source disk encryption for Windows, macOS, Linux, and FreeBSD with plausible deniability
Sealed Secrets
Kubernetes controller and kubeseal tool for one-way encrypted Secrets
gopass
GPG-encrypted, git-versioned password manager for teams - a drop-in replacement for the standard UNIX pass