Security

Security isn’t a feature. It’s our foundation.

Bitsecrets is built on zero-knowledge encryption. Your master password never leaves your device, and everything in your vault is sealed with AES-256 — so no one else can read it. Not even us.

Bitsecrets locked on iPhone

Zero-knowledge by design

Your master password is used locally to derive your key — it’s never transmitted. All encryption and decryption happen on your device, and our servers only ever hold ciphertext they cannot read.

On your device

Your master password derives a key that never leaves your device.

Encrypted end-to-end

Every item is sealed with AES-256 before it’s ever sent.

Synced as ciphertext

We only ever store encrypted blobs — not even we can read them.

What keeps your vault safe

A few deliberate choices, working together, so your secrets stay yours.

AES-256 end-to-end encryption
Every item is encrypted on your device with AES-256 before it ever reaches our servers.
Zero-knowledge architecture
Your master password never leaves your device. We only ever store encrypted blobs we can’t read.
Built on the Bitwarden SDK
Encryption runs on the open, independently audited Bitwarden SDK — not a homegrown scheme.
Biometric unlock
Open your vault with Face ID or Touch ID, backed by your device’s secure hardware keychain.
No tracking, no ads
We don’t track you, profile you, or sell data. Your vault is nobody’s business but yours.

The details that add up

Security lives in small decisions, made carefully, everywhere in the app.

Privacy curtain
The moment you switch apps, your vault is covered — it never appears in the app switcher.
Auto-lock on exit
Leave the app and the vault locks itself. Coming back always starts from the lock screen.
Clipboard auto-clear
Copied passwords clear on a timer you choose; filled 2FA codes expire from the clipboard automatically.
Master password re-prompt
Mark sensitive items to require your master password again before they open.
Fingerprint phrase
A human-readable phrase that lets you verify your account’s encryption keys.
2FA & login with device
Protect your account with two-factor authentication and approve sign-ins from your phone.
Audited open-source core
AES-256 encryption
No tracking
Face ID

Designed and built in the EU.

A small team, working carefully, on software people trust with their most important accounts.

Ready to protect what matters?

Start securing your passwords, cards, and notes with encryption that even we can’t break.