Frequently Asked Questions

What is Keyringer?

Keyringer is a secure password and key management service that helps you generate, store, and manage your passwords and secret keys. We use end-to-end encryption to ensure your data remains private and secure.

Is Keyringer free to use?

Yes, Keyringer offers a free tier that includes essential features like password generation and basic vault storage. Premium features are available for users who need advanced functionality.

How do I get started?

Getting started is easy:

1. Create an account using your email
2. Set up a strong master password
3. Start generating and storing your passwords and keys
4. Access your vault from any device

How secure is my data?

Your data is protected with industry-standard end-to-end encryption. All encryption and decryption happen locally on your device, meaning your unencrypted data never leaves your device. Even we cannot access your stored passwords and keys.

What encryption methods do you use?

We use AES-256 encryption for data at rest and TLS 1.3 for data in transit. All cryptographic operations use the Web Crypto API to ensure secure, standardized implementations.

Can Keyringer access my passwords?

No. Your data is encrypted with your master password, which is never sent to our servers. Without your master password, it's impossible for anyone, including us, to access your encrypted data.

How are passwords generated?

Our password generator uses the Web Crypto API to create cryptographically secure random passwords. You can customize the length and character types (uppercase, lowercase, numbers, special characters) to meet specific requirements.

What makes a strong password?

A strong password should:

• Be at least 12 characters long
• Include a mix of character types
• Be unique for each account
• Avoid personal information
• Not use common word patterns

How often should I change my passwords?

Modern security guidance suggests changing passwords only when necessary (e.g., after a breach) rather than on a fixed schedule. However, using unique, strong passwords for each account is more important than frequent changes.

What are secret keys used for?

Secret keys are used for various purposes like API authentication, encryption keys, or application secrets. They're typically longer and more complex than passwords and often have specific format requirements.

How are secret keys generated?

Like passwords, our secret key generator uses the Web Crypto API to ensure cryptographic randomness. You can customize the length and character sets to match your application's requirements.

How should I store API keys?

Always store API keys and other secrets in your encrypted vault. Never commit them to version control or share them through insecure channels. Use environment variables in your applications to reference these keys.

How do I organize my vault?

You can organize items in your vault using folders, tags, and custom fields. Group related items together and use descriptive names to make items easy to find.

Can I share vault items?

Premium users can securely share vault items with team members or family while maintaining end-to-end encryption. Each shared item can have specific permissions set for different users.

How do I backup my vault?

Your vault is automatically backed up and synchronized across your devices. You can also export your vault data in an encrypted format for additional backup security.

What if I forget my master password?

For security reasons, we cannot reset your master password. Make sure to store it safely and consider setting up account recovery options. If you lose access, you'll need to create a new account.

How do I enable two-factor authentication?

Two-factor authentication can be enabled in your account settings. We support authenticator apps and security keys for additional account security.

How do I delete my account?

You can delete your account from the account settings page. This will permanently delete all your data after a 30-day grace period. Make sure to export any important data before deletion.