Loading...
Loading…
Loading...
Checking your session...
Zero-knowledge protection for private notes on your Westro account.
Create a strong, unique password. It derives your encryption keys locally and is never sent to Westro.
Save all 3 one-time recovery codes outside the vault. They are your only backup if you forget your password or lose a device key.
Notes are encrypted on your device before anything syncs. Westro only ever stores locked ciphertext.
Enable in Vault Settings to require a device key on unrecognized browsers. Save the key when shown; it cannot be viewed again.
Enable hardware-verified Face ID or fingerprint in Vault Settings on a trusted device. Your master password remains available as fallback.
The vault auto-locks after 3 minutes of inactivity. Open secrets re-hide after 30 seconds to limit shoulder-surfing exposure.
Security practices that help keep your encrypted vault under your control.
Use a unique, strong master password. Never reuse one from another app or website.
Store recovery codes offline, outside the vault. Each code works once and cannot be replaced by Westro.
If Device Protection is enabled, save your device key securely. Unverified browsers cannot unlock the vault.
Treat a new phone or computer as untrusted until you verify with your device key or a recovery code.
Enable biometrics only in Vault Settings on a personal device with a secure lock screen.
Lock the vault when you finish. Do not leave an unlocked session on a shared or public screen.
Name entries clearly for auditability, and delete notes you no longer need to reduce exposure.
Read these important security and usage limitations before relying on stored vault data.
We never see your master password or your saved secrets. Everything is locked on your device before it is stored or synced.
Open the vault only on your personal phone or computer. Avoid shared, work, or borrowed devices.
The vault locks itself after 3 minutes of no activity. Lock it yourself when you finish so your secrets are not left open.
Use a trusted device with up-to-date software. Be careful with unknown apps or browser add-ons while the vault is open.
When you copy a secret, it stays on your clipboard for up to 30 seconds, then clears automatically. Other apps may still see it during that short time.
Face ID or fingerprint is handy, but only as safe as your device. Use it on devices you trust and keep a strong phone or computer passcode.
Keep your 3 recovery codes in a safe place outside the vault. If you lose both your password and recovery codes, we cannot open the vault for you.
Double-check important details before you use them. Remove old passwords and notes you no longer need.