Google signs you in. Only your browser unlocks the vault.
Vault encryption happens entirely in JavaScript with Argon2id and AES-256-GCM. The server stores only encrypted entries, wrapped vault keys, metadata, and security events.
A random 256-bit vault key is generated client-side. Entries are encrypted in the browser with AES-256-GCM.
The browser derives a wrapping key with Argon2id using a per-user random salt and strong memory settings.
WebAuthn authenticates the device, and the PRF extension derives a credential-specific wrapping key entirely client-side.
Export, passkey enrollment, password changes, and MFA changes require recent re-authentication and MFA when enabled.