Forgot Password

Passwall does not offer a “password reset” flow by design. This is not a limitation — it is a direct consequence of our security model.

Locked out everywhere?

There is no account recovery for forgotten passwords. Passwall Vault can only verify your email to approve account deletion. After deletion, you can sign up again from scratch. Encrypted vault data cannot be recovered without your master password.

Why can’t we reset your master password?
Because Passwall is built on a zero‑knowledge architecture.

Your vault is unlocked using keys derived on your device. Your master password is never sent to our servers in plaintext — which means no one (including Passwall) can see what’s inside your vault.

A “reset” would require us to either regenerate decryption keys for your vault, or keep a server-side backdoor. Passwall deliberately does neither.

Our servers only store encrypted data. Without the correct master password, it is not practically decryptable.

Bottom line: if you forget your master password, we cannot “reset it” for you — not because we won’t, but because we can’t. This is one of the key guarantees that keeps your vault protected even in worst‑case scenarios.

What can you do now?
If you can’t remember your master password, you still have a few options.

If you still have an active session: If you’re still signed in on any device/tab, you may be able to change your master password from account settings and regain access.

If you’re using Passwall with a team: Contact your organization admin. Depending on your org’s policies/workflows, they may be able to help with access management.

If you can’t recover it: Encrypted vault data cannot be restored without your master password. Use Passwall Vault → Forgot master password to request email-verified account deletion. After deletion, you can sign up again from scratch. If you need human assistance, use the form below or contact support.

This design works together with a strong KDF (PBKDF2/Argon2) to slow down brute‑force attacks, end‑to‑end encryption (AES‑256), and the zero‑knowledge principle. “No reset” is the price of not weakening security.

Delete My Account
Prefer the self-service flow in Passwall Vault (email verification). Use this form only if you need manual review from our team.

Recommended: Start recovery in Vault — faster and aligned with our security checks.

This request cannot be undone. If possible, export your vault first.

For your safety, do not share passwords, vault contents, or any secret material via this form.

support@passwall.io
Security summary
The technical foundation behind “no reset”.
Zero‑knowledge
Your master password never reaches our servers; decryption happens on your device.
Strong KDF
PBKDF2‑SHA256 (600,000+ iterations) or Argon2id.
AES‑256
Vault data is encrypted on your device and stays encrypted.
Master password tips
A strong master password directly increases your vault’s security.
  • At least 12 characters (longer is better)
  • Random and unique (never reused elsewhere)
  • Prefer a passphrase you can remember
  • Never share it with anyone

Made in Europe

Privacy by default