We designed the platform with end-to-end encryption (E2EE). This means only you control your secrets.
Your master key is never sent to our servers. All encryption and decryption happen locally on your device, ensuring only you control your secrets.
Your master key is protected by a recovery phrase, similar to cryptocurrency wallets. This allows you to restore access if all devices are lost.
New devices must be approved using your recovery phrase or an existing trusted device. Each device has its own cryptographic keys for authentication.
Our servers only ever see encrypted data, salts, and non-sensitive metadata. Your actual secrets remain completely private.
Your recovery phrase is the only way to restore access. Without it, no one, including us and you, can recover your data.
Only you decide which devices are trusted. We support push notifications for secure device approval.
Advanced cryptographic algorithms protect against brute-force attacks and data leaks, ensuring your data remains secure.