Session Vault

About

Session Vault helps protect signed-in browser sessions when you step away from your computer.

Choose specific sites, or enable all-cookie mode, then lock the vault manually, after idle time, when the computer locks, or when the browser restarts. While locked, Session Vault blocks protected web requests, shields protected tabs, removes live cookies from Chrome, and keeps only authenticated encrypted cookie snapshots in extension storage.

When you unlock with your master password, Session Vault restores the protected cookies and re-enables network access.

Session Vault asks once for all-sites host permission when you first protect a site or enable all-cookie mode. In selected-site mode it still protects only the site groups you add; the broader permission prevents repeated browser prompts as you add more sites.

Key features:

- Protect selected sites or all website cookies.
- Local AES-GCM encrypted cookie vault.
- Master password is never stored.
- Unlock key is kept only in Chrome in-memory extension storage.
- Persistent network blocking stays active across browser restarts.
- Tabs for protected sites are replaced with a local locked page while locked.
- Idle timeout, computer-lock handling, and lock-now controls.
- No telemetry, analytics, accounts, cloud sync, or remote code.

Important limits:

- Chrome must have usable cookies while sites are unlocked.
- This does not protect against malware, administrator/root access, malicious extensions, or memory inspection while unlocked.
- Site data outside cookies, such as localStorage, IndexedDB, browser cache, and service workers, is not encrypted by the first release.
- Some websites may expire or revoke sessions server-side while cookies are vaulted.

Session Vault is designed for local session privacy on an unattended browser, not as a replacement for full-disk encryption, OS account security, or a password manager.