Security
Local-First Storage
All account data is stored in an encrypted vault file on your local device. The application does not upload your vault to any server by default.
Encryption
The vault uses Argon2id for key derivation from your master password and AES-GCM for authenticated encryption. You can optionally add a keyfile for two-factor vault unlocking.
Auto Lock
The application automatically locks after 10 minutes of inactivity and requires your master password again.
Clipboard Clear
After copying sensitive fields like passwords or TOTP codes, the clipboard is automatically cleared after 60 seconds.
Exported Vault Stays Encrypted
When you export your vault, it remains encrypted. Only someone with your master password and optional keyfile can decrypt it.
Security Boundary
This product focuses on reducing offline cracking risk after vault file exposure. It is best used on a trusted Windows device with a strong master password. This software is intended for website account management.
Use dedicated tools for the following sensitive data
These high-sensitivity secrets require more specialized protection and operating controls than this software is designed to provide.
- Crypto seed phrases
- Private keys
- Exchange API secrets
- Recovery codes that directly transfer assets