Skip to main content

Credentials

Store website login credentials securely for automated browser login.

Why Credentials?

When Wovly uses browser automation to log into websites, it needs your credentials. Instead of asking in chat (insecure), Wovly uses pre-saved credentials that:
  • Are stored encrypted locally
  • Never appear in chat or logs
  • Are auto-filled during browser automation
  • Never sent to AI providers

Setup

  1. Go to Credentials in Wovly
  2. Click Add Credential
  3. Enter:
    • Domain: Website domain (e.g., amazon.com)
    • Username: Your login username/email
    • Password: Your password
  4. Click Save

Usage

Once credentials are saved: 
You: Log into Amazon and check my orders

Wovly: [Navigates to amazon.com]
       [Auto-fills login with saved credentials]
       [Shows your recent orders]

Security

Encryption

Credentials are encrypted using Electron’s safeStorage API, which uses:
  • macOS: Keychain
  • Windows: DPAPI
  • Linux: Secret Service API

Never Exposed

  • Credentials never appear in chat
  • Never sent to LLM providers
  • Never logged to console or files
  • Only used during browser automation

Local Storage

All credentials stay on your machine: 
~/.wovly-assistant/settings.json (encrypted)

Managing Credentials

View Credentials

  1. Go to Credentials page
  2. See list of saved domains
  3. Click eye icon to reveal (requires system password)

Edit Credentials

  1. Click on a credential
  2. Click Edit
  3. Update and save

Delete Credentials

  1. Click on a credential
  2. Click Delete
  3. Confirm deletion

Best Practices

Use app-specific passwords when available (Google, Apple, etc.) instead of your main password.
Match domain exactly - Save accounts.google.com not just google.com for Google login.
Two-factor auth - Wovly can handle 2FA prompts but may need you to approve on your phone.

Troubleshooting

Check that the domain matches exactly what appears in the URL during login.
If a site has multiple login pages, you may need credentials for each subdomain.
For sites with mandatory 2FA, keep your phone nearby to approve the login.