What is a Zero-Knowledge Password Manager?

A zero-knowledge password manager is one where the provider cannot decrypt your data — even if they wanted to, even if compelled to. PassCryp derives your vault key from your master password locally, encrypts everything with AES-256-GCM, and only ciphertext ever leaves your device.

Master password never transmitted

Your master password stays on your device. We don't see it, log it, or store a hash that could be reversed.

Argon2id key derivation

Memory-hard KDF that defeats GPU and ASIC brute-force attacks — the modern standard, not legacy PBKDF2.

AES-256-GCM authenticated encryption

Every vault item is encrypted with a fresh nonce and an authentication tag. Tampering is detected, not silently ignored.

Database Row-Level Security

Even our database enforces per-user access. A misconfigured query can't leak another user's ciphertext.

Open browser extension

The extension that touches your master password is open source — you can audit every line that handles the unlock flow.

No password reset by us

There is no admin override. Forgotten master passwords are recovered only via your one-time recovery kit.

Why zero-knowledge matters in 2026

Every year brings new breach headlines: LastPass, Okta, 23andMe, and dozens of smaller providers. Most are not catastrophic because attackers stole data — they're catastrophic because the data was decryptable once stolen. Zero-knowledge architecture changes that equation: if the server never holds the key, a stolen database is just noise.

Zero-knowledge is also a hedge against compelled disclosure. A provider that can decrypt your data can be ordered to. A provider that cannot — and can prove it cannot — has nothing to hand over. PassCryp publishes its key-derivation parameters and threat model so this claim is verifiable, not just marketing.

It also defends against insider risk. PassCryp engineers do not have a tool that reads your vault. There is no "god mode" admin panel. The architecture makes the wrong thing impossible, not just policy-forbidden.

How PassCryp's encryption stack works

When you set a master password, PassCryp generates a random 256-bit vault key and encrypts it with a key derived from your master password using Argon2id (64 MB memory cost, 3 iterations, parallelism 1 — tuned to the OWASP 2024 recommendation). The result is your wrapped vault key, the only thing we store that depends on your master password.

Every vault item — passwords, notes, API keys, TOTP seeds, card numbers — is encrypted client-side with AES-256-GCM using a fresh 96-bit nonce. Ciphertext, nonce, and the GCM auth tag are all that sync. The plaintext exists only in the memory of devices you've unlocked.

Sharing works without us ever holding the key: shared vaults use a per-vault key encrypted to each member's public key. Revoking a member rotates the vault key and re-encrypts items, all client-side.

What you trade and what you keep

The trade for zero-knowledge is genuine: if you lose your master password and your recovery kit, your vault is unrecoverable. PassCryp's recovery kit is a one-page PDF you print at signup and store offline; it contains an encrypted recovery key that lets you reset without us ever seeing your master password.

What you keep is everything else: sync across devices, browser autofill, TOTP, breach checks, password generation, secure notes, API key storage, and the credit card vault. The crypto sits underneath; the UX is just a password manager.

Frequently asked questions

What does 'zero-knowledge' actually mean?

It means the server has zero knowledge of your plaintext. All encryption and decryption happens on your device using a key derived from your master password.

What happens if I forget my master password?

We genuinely cannot recover it. You can use a recovery kit set up in advance to regain access; otherwise your encrypted vault is unreadable forever.

How is this different from 'end-to-end encrypted'?

They're related. Zero-knowledge is a stricter claim — the provider has no key, no recovery mechanism, no backdoor.

Can governments force PassCryp to decrypt my vault?

No. We don't hold a key. A court order can compel us to hand over ciphertext, which is what we already store — and which is useless without your master password.

Is zero-knowledge slower?

Argon2id takes ~300 ms on unlock; after that, AES-256-GCM is hardware-accelerated and effectively free. You won't notice.

How do I verify PassCryp is actually zero-knowledge?

Read the security whitepaper, audit the open-source browser extension, and inspect the network traffic during unlock — you'll see only encrypted blobs leave the device.

Ready to take control of your secrets?

Start a free zero-knowledge vault in under 60 seconds.

Start your free vault