Security ToolComing Soon

retroLAPS for macOS

Enterprise-grade LAPS for already-enrolled Macs. No re-enrollment required. More secure than native Jamf LAPS with zero-knowledge encryption.

About This Project

Jamf native LAPS has a critical limitation: it only works for devices enrolled AFTER LAPS is enabled. retroLAPS solves this by bringing enterprise-grade LAPS functionality to already-enrolled Jamf Pro computers without requiring re-enrollment.

Preview

Welcome Screen

Key Features

Works with already-enrolled Macs—no re-enrollment required

Zero-knowledge encryption architecture

AES-256-CBC encryption using organization certificates

Unique encryption keys per device (serial number derived)

Automated time-based rotation (configurable intervals)

Activity-based rotation after admin account usage

Native SwiftUI Admin Tool with progressive loading

Instant search across thousands of computers

Auto-detection of Jamf settings on managed Macs

Full Jamf Pro API v1/v2 integration with OAuth2

Configuration Profile-based deployment

Complete audit trail maintained

Requirements

macOS 12.0+ (Monterey or later)
Jamf Pro 10.40+
Organization certificate deployed to all devices
Jamf API client with appropriate permissions

Target Launch

Q1-Q2 2026

Currently ~90% complete

Open Source

This project will be released as open source under the MIT license. Get notified when it launches.

Get Notified

Tech Stack

SwiftSwiftUIBashJamf APIAES-256 Encryption

License

MIT License

Need Help?

We offer professional support and custom development for this project.

Want Early Access?

Get notified when this project launches or discuss your specific needs with our team.

Get in Touch View All Projects