diff --git a/src/__phutil_library_map__.php b/src/__phutil_library_map__.php
--- a/src/__phutil_library_map__.php
+++ b/src/__phutil_library_map__.php
@@ -1271,6 +1271,7 @@
     'PassphraseCredentialTypeTestCase' => 'applications/passphrase/credentialtype/__tests__/PassphraseCredentialTypeTestCase.php',
     'PassphraseCredentialViewController' => 'applications/passphrase/controller/PassphraseCredentialViewController.php',
     'PassphraseDAO' => 'applications/passphrase/storage/PassphraseDAO.php',
+    'PassphraseNoteCredentialType' => 'applications/passphrase/credentialtype/PassphraseNoteCredentialType.php',
     'PassphrasePasswordCredentialType' => 'applications/passphrase/credentialtype/PassphrasePasswordCredentialType.php',
     'PassphrasePasswordKey' => 'applications/passphrase/keys/PassphrasePasswordKey.php',
     'PassphraseQueryConduitAPIMethod' => 'applications/passphrase/conduit/PassphraseQueryConduitAPIMethod.php',
@@ -4766,6 +4767,7 @@
     'PassphraseCredentialTypeTestCase' => 'PhabricatorTestCase',
     'PassphraseCredentialViewController' => 'PassphraseController',
     'PassphraseDAO' => 'PhabricatorLiskDAO',
+    'PassphraseNoteCredentialType' => 'PassphraseCredentialType',
     'PassphrasePasswordCredentialType' => 'PassphraseCredentialType',
     'PassphrasePasswordKey' => 'PassphraseAbstractKey',
     'PassphraseQueryConduitAPIMethod' => 'PassphraseConduitAPIMethod',
diff --git a/src/applications/passphrase/controller/PassphraseCredentialEditController.php b/src/applications/passphrase/controller/PassphraseCredentialEditController.php
--- a/src/applications/passphrase/controller/PassphraseCredentialEditController.php
+++ b/src/applications/passphrase/controller/PassphraseCredentialEditController.php
@@ -47,7 +47,7 @@
       $is_new = true;
 
       // Prefill username if provided.
-      $credential->setUsername($request->getStr('username'));
+      $credential->setUsername((string)$request->getStr('username'));
 
       if (!$request->getStr('isInitialized')) {
         $type->didInitializeNewCredential($viewer, $credential);
@@ -151,10 +151,11 @@
         $credential->openTransaction();
 
         if (!$credential->getIsLocked()) {
-          $xactions[] = id(new PassphraseCredentialTransaction())
+          if ($type->shouldRequireUsername()) {
+            $xactions[] = id(new PassphraseCredentialTransaction())
             ->setTransactionType($type_username)
             ->setNewValue($v_username);
-
+          }
           // If some value other than a sequence of bullets was provided for
           // the credential, update it. In particular, note that we are
           // explicitly allowing empty secrets: one use case is HTTP auth where
@@ -263,15 +264,18 @@
         pht('This credential is permanently locked and can not be edited.'));
     }
 
-    $form
+    if ($type->shouldRequireUsername()) {
+      $form
       ->appendChild(
         id(new AphrontFormTextControl())
           ->setName('username')
           ->setLabel(pht('Login/Username'))
           ->setValue($v_username)
           ->setDisabled($credential_is_locked)
-          ->setError($e_username))
-      ->appendChild(
+          ->setError($e_username));
+    }
+       $form
+       ->appendChild(
         $secret_control
           ->setName('secret')
           ->setLabel($type->getSecretLabel())
diff --git a/src/applications/passphrase/controller/PassphraseCredentialViewController.php b/src/applications/passphrase/controller/PassphraseCredentialViewController.php
--- a/src/applications/passphrase/controller/PassphraseCredentialViewController.php
+++ b/src/applications/passphrase/controller/PassphraseCredentialViewController.php
@@ -182,9 +182,11 @@
       pht('Editable By'),
       $descriptions[PhabricatorPolicyCapability::CAN_EDIT]);
 
-    $properties->addProperty(
-      pht('Username'),
-      $credential->getUsername());
+    if ($type->shouldRequireUsername()) {
+      $properties->addProperty(
+        pht('Username'),
+        $credential->getUsername());
+    }
 
     $used_by_phids = PhabricatorEdgeQuery::loadDestinationPHIDs(
       $credential->getPHID(),
diff --git a/src/applications/passphrase/credentialtype/PassphraseCredentialType.php b/src/applications/passphrase/credentialtype/PassphraseCredentialType.php
--- a/src/applications/passphrase/credentialtype/PassphraseCredentialType.php
+++ b/src/applications/passphrase/credentialtype/PassphraseCredentialType.php
@@ -131,4 +131,8 @@
     return $secret;
   }
 
+  public function shouldRequireUsername() {
+    return true;
+  }
+
 }
diff --git a/src/applications/passphrase/credentialtype/PassphraseNoteCredentialType.php b/src/applications/passphrase/credentialtype/PassphraseNoteCredentialType.php
new file mode 100644
--- /dev/null
+++ b/src/applications/passphrase/credentialtype/PassphraseNoteCredentialType.php
@@ -0,0 +1,37 @@
+<?php
+
+final class PassphraseNoteCredentialType
+  extends PassphraseCredentialType {
+
+  const CREDENTIAL_TYPE = 'note';
+  const PROVIDES_TYPE = 'provides/note';
+
+  public function getCredentialType() {
+    return self::CREDENTIAL_TYPE;
+  }
+
+  public function getProvidesType() {
+    return self::PROVIDES_TYPE;
+  }
+
+  public function getCredentialTypeName() {
+    return pht('Note');
+  }
+
+  public function getCredentialTypeDescription() {
+    return pht('Store a plaintext note.');
+  }
+
+  public function getSecretLabel() {
+    return pht('Note');
+  }
+
+  public function newSecretControl() {
+    return id(new AphrontFormTextAreaControl());
+  }
+
+  public function shouldRequireUsername() {
+    return false;
+  }
+
+}
diff --git a/src/applications/passphrase/editor/PassphraseCredentialTransactionEditor.php b/src/applications/passphrase/editor/PassphraseCredentialTransactionEditor.php
--- a/src/applications/passphrase/editor/PassphraseCredentialTransactionEditor.php
+++ b/src/applications/passphrase/editor/PassphraseCredentialTransactionEditor.php
@@ -174,6 +174,10 @@
         }
         break;
       case PassphraseCredentialTransaction::TYPE_USERNAME:
+        $credential_type = $object->getCredentialTypeImplementation();
+        if (!$credential_type->shouldRequireUsername()) {
+          break;
+        }
         $missing = $this->validateIsEmptyTextField(
           $object->getUsername(),
           $xactions);