🔒 End-to-End Encryption
Your saved content is encrypted in your browser before it is sent to us. Your stored history is ciphertext that not even we can read.
How it works
- Key derivation: When you log in, your browser derives a unique encryption key from your password and your account's salt using PBKDF2 with 600,000 iterations. The key is held only in your browser's session memory; it is not sent to or stored by the server.
- Encryption: Before any content is saved, your browser encrypts it with AES-256-GCM using a fresh random IV (initialization vector) for every record. The same text therefore produces different ciphertext each time, and no IV is ever reused with the key, which GCM requires. GCM also authenticates each record, so a tampered or wrongly keyed record fails to decrypt rather than producing garbage.
- Storage: Our database stores only the ciphertext. Note where the boundary sits: your input must reach the AI model in plaintext to be processed, so the server handles plaintext during generation. What it never sees is the plaintext of your saved history.
- Decryption: When you view your history, your browser decrypts each record with the key held in session memory. Closing the browser discards that key, so when you reopen it you will be asked for your password again before history can be shown.
⚠️ Important: Password = Your Key
Your password is the only way to decrypt your content. We don’t store your password or your encryption key. This means:
- If you forget your password, your encrypted content cannot be recovered. Ever.
- We cannot reset your encryption or recover your data.
- When you change your password, your browser decrypts all of your content with the key derived from the old password and re-encrypts it with the key derived from the new one. This happens automatically, but it can only happen in your browser with both keys available, which is why a password change still requires your current password.
What the server can see
| Data | What the server sees |
|---|---|
| Your email | ✅ Visible (needed for login) |
| Your password | ❌ Never stored in the clear (only a bcrypt hash, used for login) |
| Your content (input text) | ❌ Encrypted ciphertext only |
| Generated outputs | ❌ Encrypted ciphertext only |
| Encryption salt | ✅ Visible (not secret; combined with your password to derive the key) |
Passkey users
If you sign in only with a passkey and have no password, there is nothing to derive an encryption key from. You can set an encryption password in your Account Settings to enable E2EE. Without one, your content is stored on the server in plaintext.