Backup Key

By default, ZeroPass splits key to 3 trusted contacts (friends / family / administrator). You need 2 out of 3 friends to recover your keys. 

Paying users can print the whole backup key or saved it on the USB stick. You are still advised (but not forced) to simultaneously split the keys between trusted contacts, to retain the inheritance feature.

Backup is self-contained within ZeroPass and parts of the keys .
No email will (or should) help you, most hacks happens with reset of the password delivered into wrong inbox.

[password slot] creation

Everytime you add new password / key / passphrase / secret;

1) it gets backed-up and encrypted, with derived private key  (brown “box”)

2) then it splits into two parts. One is saved with ZeroPass servers, other stays on your devices.

When you sign-in with this slot, both parts come together. 

If you lost the parts of this key (stored on device) and want to recover this key, Master Private key needs to be recovered first (see recovery tab)  

Master Private key splitting

Master Private key gets split into 3 parts and erased afterwards to decrease exposure to attacks.

Key distribution;
1) one key is saved on ZeroPass servers,
2) one key is saved within your device (or more of them)
3) one key is a backup key

You need 2 out of 3 keys to recover master private key. 


Firstly, long random Master Private key is created. We use key derivation based on bip32 (bitcoin deterministic wallets) to generate Master public key which child are then used to encrypt all your passwords backups for possible later recovery. 

Whole scheme

Click on  tabs to split schematic into more chewable pieces. 

Latest specification for ZeroPass security scheme (gitbook);

Read White Paper

All client-side code will be released eventually;
to be verified by security specialists and to proof that your secrets never touches our servers.

“World first concussion proof password manager.” –Captain Obvius