How it works

Zero-knowledge, explained plainly.

“Zero-knowledge” means the service literally cannot read your data. Here's how that works, and what it means for you.

The four steps

  1. You set a master password. It never leaves your device. It isn't sent to the server at all, not even as a login hash of the raw password.
  2. Your device derives a key. Argon2id turns your master password into an encryption key, salted by your account identifier.
  3. Your vault is encrypted locally. Every item is sealed with AES-256-GCM using a key only your device can compute.
  4. Only ciphertext is synced. The server receives and stores encrypted blobs. It has nothing it could decrypt.

What the server can and cannot do

| Can | Cannot |
|---|---|
| Store & return encrypted blobs | Decrypt any vault item |
| Verify your login | Learn your master password |
| Enforce 2FA, rate limits, lockout | Recover a forgotten master password |
| Hold a blinded login hash | Read your email/identity or item names |

The honest trade-off: because no one but you can decrypt your vault, there is no password reset. If you lose your master password (and your recovery passphrase), the vault is unrecoverable. That irreversibility is the privacy guarantee.

The building blocks

  • Argon2id: memory-hard key derivation, resistant to brute force.
  • AES-256-GCM: authenticated encryption for every vault item.
  • HKDF: key separation so the login credential and the encryption key are never the same value.
  • Blinded identifiers: your login handle is stored only as a keyed hash.
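
The four steps and the HKDF key separation above, as an added Node.js example that is not passwd's own code. scrypt stands in for Argon2id so the example needs only Node's built-in crypto module; the HKDF labels, function names and sample values are assumptions.

```javascript
// Added example, not passwd's code. Assumptions: scrypt stands in for Argon2id,
// and the HKDF labels and function names are made up for illustration.
const nodeCrypto = require('node:crypto');

// Step 2: stretch the master password, salted by the account identifier.
function deriveMasterKey(masterPassword, accountId) {
  return nodeCrypto.scryptSync(masterPassword, accountId, 32);
}

// Key separation: HKDF expands one master key into two independent keys,
// one for login and one for the vault, so neither reveals the other.
function splitKeys(masterKey) {
  const expand = (label) =>
    Buffer.from(nodeCrypto.hkdfSync('sha256', masterKey, Buffer.alloc(0), label, 32));
  return { loginKey: expand('example login v1'), vaultKey: expand('example vault v1') };
}

// Step 3: seal one item with AES-256-GCM under a fresh 96-bit nonce.
function sealItem(vaultKey, plaintext) {
  const nonce = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', vaultKey, nonce);
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { nonce, ct, tag: cipher.getAuthTag() }; // step 4: all the server stores
}

// Decrypt and authenticate; throws if the key is wrong or the blob was altered.
function openItem(vaultKey, blob) {
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', vaultKey, blob.nonce);
  decipher.setAuthTag(blob.tag);
  return Buffer.concat([decipher.update(blob.ct), decipher.final()]).toString('utf8');
}

// True only if this key opens this blob.
function canOpen(key, blob) {
  try { openItem(key, blob); return true; } catch { return false; }
}

// Constructed sample values.
const keys = splitKeys(deriveMasterKey('correct horse battery staple', 'acct-0001'));
const blob = sealItem(keys.vaultKey, 'bank PIN 4821');
console.log('right password:', openItem(keys.vaultKey, blob));
console.log('login credential opens vault:', canOpen(keys.loginKey, blob));
const guess = splitKeys(deriveMasterKey('wrong guess', 'acct-0001'));
console.log('wrong password opens vault:', canOpen(guess.vaultKey, blob));
```

The same password under a different account identifier also yields an unrelated vault key, because the identifier is the KDF salt.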

What's in scope

The design defends against a fully compromised server, a stolen database, network interception, and a malicious operator. A compromised device (e.g. malware or a keylogger on your own computer) is, as with every password manager, outside what encryption alone can fix.

Status: passwd is pre-1.0 and has not yet had an independent security audit. The cryptographic design is public and documented, so review it, and please don't store irreplaceable secrets until the audit milestone is reached.