Privacy & Security Guide

Everything you need to know about using PriveMind apps safely and securely

🔐 Getting Started with PriveMind

All PriveMind apps share a single master password that encrypts your data locally. When you first use any app, you'll create this password, which then protects all your information across our entire suite of privacy tools.

Important: This password is never sent to our servers. If you forget it, there's no way to recover your data - this is the price of true privacy.

✨ Best Security Practices

Follow these essential practices to maximize your privacy and security:

🔑 Strong Master Password

Create a unique, memorable passphrase with at least 12 characters. Use a mix of words, numbers, and symbols that only you would know.

💾 Regular Backups

Export encrypted backups regularly using each app's export feature. Store these backups securely - they're your only way to recover data if something goes wrong.

🔒 Auto-Lock Settings

Each app automatically locks when idle to protect your data. You can adjust the timeout in each app's settings based on your security needs.

🛡️ Secure Environment

Use PriveMind apps on trusted devices and networks. Avoid public computers or unsecured WiFi when working with sensitive personal data.

🌐 Browser Security

Keep your browser updated and use security extensions to block malicious scripts. Modern browsers provide the best security for our encryption.

🔄 Test Your Backups

Occasionally test importing your backup files to ensure they work correctly. A backup is only useful if it can be restored.

🔄 Data Recovery & Backup

Since we can't access your data, recovery is entirely in your hands:

  • Export Regularly: Use each app's export feature to create encrypted backup files
  • Store Safely: Keep backups in secure locations like encrypted cloud storage or secure drives
  • Multiple Copies: Maintain several backup copies in different secure locations
  • Version Control: Keep dated backups so you can restore to different time points if needed

Remember: True zero-knowledge privacy means if you lose your password, your data is permanently inaccessible. This is the trade-off for absolute privacy.

Technical Details

🔐 Zero-Knowledge Implementation

PriveMind apps use a robust client-side encryption system that ensures your data never leaves your device unencrypted:

Key Derivation: PBKDF2 with 250k-600k iterations (~200-400ms)
Encryption: AES-GCM-256 with random 12-byte IVs
Storage: IndexedDB for performance and larger quotas
Key Management: Non-extractable CryptoKeys kept only in memory

  • Password-Based Encryption: Your master password derives encryption keys using PBKDF2 with high iteration counts
  • AES-GCM 256-bit: Authenticated encryption that provides both confidentiality and integrity protection
  • Random IVs: Each encryption operation uses a unique initialization vector for maximum security
  • No Key Storage: Encryption keys exist only in memory while you're using the apps
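
The scheme listed above, sketched with the Web Crypto API as an added example (not PriveMind's own code). The PBKDF2 hash (SHA-256), the caller-supplied salt, the `{v, salt, iv, ct}` record layout and all function names are assumptions; the iteration count, AES-GCM-256, 12-byte IV and non-extractable key follow the figures on this page.

```javascript
// Added example, not PriveMind's code. Hash choice, salt handling and the
// record layout are assumptions made for illustration.
const ITERATIONS = 250000; // low end of the range stated on the page

async function getCrypto() {
  // Browsers and recent Node expose globalThis.crypto; older Node needs the import.
  return globalThis.crypto ?? (await import('node:crypto')).webcrypto;
}

async function deriveKey(password, salt, iterations = ITERATIONS) {
  const { subtle } = await getCrypto();
  const material = await subtle.importKey(
    'raw', new TextEncoder().encode(password), 'PBKDF2', false, ['deriveKey']);
  return subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations },
    material,
    { name: 'AES-GCM', length: 256 },
    false, // non-extractable: script on the page cannot export the raw key
    ['encrypt', 'decrypt']);
}

async function encryptRecord(key, salt, plaintext) {
  const c = await getCrypto();
  const iv = c.getRandomValues(new Uint8Array(12)); // fresh random IV per operation
  const ct = new Uint8Array(await c.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, new TextEncoder().encode(plaintext)));
  // ct ends with the 16-byte GCM authentication tag; v is the schema version.
  return { v: 1, salt, iv, ct };
}

async function decryptRecord(key, record) {
  const { subtle } = await getCrypto();
  if (record.v !== 1) throw new Error('unsupported schema version');
  // Rejects if the key is wrong or if iv/ct were modified (tag check fails).
  const pt = await subtle.decrypt({ name: 'AES-GCM', iv: record.iv }, key, record.ct);
  return new TextDecoder().decode(pt);
}

async function canExport(key) {
  // Resolves to false for a non-extractable key: exportKey() rejects.
  const { subtle } = await getCrypto();
  return subtle.exportKey('raw', key).then(() => true, () => false);
}
```

A wrong password and a tampered record fail the same way, with a rejected `decrypt()`, so a caller cannot tell the two apart from the error alone.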

🛡️ Security Architecture

  • Version Control: Our crypto schema is versioned to enable secure migrations in future updates
  • XSS Protection: Strict Content Security Policies and other protections against malicious scripts
  • Memory Safety: Keys are automatically purged from memory when apps lock or close
  • Integrity Checking: All encrypted data includes authentication tags to detect tampering

🌐 Browser Compatibility

PriveMind apps work best on modern browsers with full crypto API support:

  • Recommended: Chrome 60+, Firefox 57+, Safari 12+, Edge 79+
  • Required Features: Web Crypto API, IndexedDB, modern JavaScript (ES2017+)
  • Storage: IndexedDB provides much larger storage quotas than localStorage
  • Performance: Hardware crypto acceleration improves encryption/decryption speed