FAQ

Frequently asked questions

What is zero-knowledge encryption?

It means your master password and vault contents are encrypted and decrypted entirely on your own device. The key that protects your data is derived from your master password locally and never sent to our servers — so even if our database were breached, an attacker would only find encrypted, meaningless data.

What happens if I forget my master password?

You can regain access using your Recovery Key, a one-time code generated and shown to you when you created your account. It re-derives your vault key independently, letting you set a new master password without losing any data. If you've lost both your master password and your Recovery Key, we cannot recover your account — that's the direct consequence of us never having a way to read your vault in the first place.

What platforms does Credensy support?

Web, Windows, Android, and a Chrome extension, all syncing the same encrypted vault through one account.

How is Credensy different from other password managers?

Most password managers focus on logins. Credensy covers a much wider range of credential types — including SSH keys, PGP keys, API credentials, database logins, crypto wallets, and environment-variable bundles, with more added over time — alongside built-in generator tools (SSH/PGP keypairs, BIP-39 mnemonics, password/passphrase generation) and live TOTP codes, all under the same zero-knowledge model.

What happens if Credensy's servers are breached?

An attacker would find only encrypted ciphertext and salted authentication hashes — never plaintext passwords, keys, or notes, and never your master password or Recovery Key. Decrypting any of it would require your master password or Recovery Key, neither of which we ever store or transmit.

Is my data backed up?

Your encrypted vault syncs across every device you're signed into, so a copy of your (encrypted) data exists on each of them in addition to our servers.