About the Passwall Security Model

Learn how Passwall protects your passwords with zero-knowledge encryption, military-grade security, and industry-leading practices.

Looking for the practical side of our security posture? Read Security Practices →

  • 256-bit AES encryption
  • 600K PBKDF2 iterations
  • 24/7 monitoring
  • 99.9% uptime SLA

Zero-Knowledge Architecture

Passwall uses a zero-knowledge security model, which means that your passwords and sensitive data are encrypted and decrypted on your device only. The Passwall server never has access to your unencrypted data or your encryption keys.

What is Zero-Knowledge?

Zero-knowledge means that Passwall has zero knowledge of your data. Your master password never reaches our servers. Even if someone gained unauthorized access to our database, they would only find encrypted blobs that are impossible to decrypt without your master password.

What We Can't See

  • Your master password
  • Your encryption keys
  • Your vault item names, usernames, or passwords
  • Any of your sensitive notes or files

What We Can See

  • Your email address (for account identification)
  • Number of items in your vault (but not their contents)
  • When you last synced your vault
  • Your KDF configuration (number of iterations)

Encryption & Key Derivation

Passwall uses industry-standard encryption algorithms approved by NIST and recommended by security experts worldwide.

Key Derivation Function (KDF)

When you create your master password, Passwall uses PBKDF2-SHA256 with a minimum of 600,000 iterations (the OWASP 2023 recommendation) or Argon2id (memory-hard, GPU-resistant) to derive your master key.

PBKDF2-SHA256

  • 600,000 - 2,000,000 iterations
  • NIST approved (SP 800-132)
  • Hardware accelerated
  • Proven at scale

Argon2id

  • Memory-hard (64MB)
  • GPU/ASIC resistant
  • Winner of PHC 2015
  • Future-proof

Why High Iterations Matter

High iteration counts make brute-force attacks extremely slow. With 600,000 iterations, even a powerful GPU can only test a few thousand passwords per second, making it practically impossible to crack strong passwords. A 12-character random password would take trillions of years to crack.
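To make the KDF step concrete, here is an added Go example (written for this page, not Passwall's own code) that implements PBKDF2-HMAC-SHA256 as specified in RFC 8018 and NIST SP 800-132, enforces the 600,000-iteration floor quoted above, stretches the resulting 256-bit Master Key into separate encryption and MAC keys with the Expand step of RFC 5869 HKDF, and derives a separate one-way authentication hash, which is the kind of value that can go to a server at sign-in instead of the Master Key. The salt choice, the HKDF info labels and the auth-hash construction are assumptions of this example; `main` times one derivation so the cost per guess is visible.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

// MinIterations is the PBKDF2-SHA256 floor quoted on this page (OWASP 2023).
const MinIterations = 600_000

// pbkdf2SHA256 implements PBKDF2 (RFC 8018, NIST SP 800-132) with HMAC-SHA256 as the PRF.
func pbkdf2SHA256(password, salt []byte, iter, keyLen int) []byte {
	prf := hmac.New(sha256.New, password)
	var dk []byte
	ctr := make([]byte, 4)
	for block := 1; len(dk) < keyLen; block++ {
		// U1 = PRF(password, salt || INT_32_BE(block))
		prf.Reset()
		prf.Write(salt)
		binary.BigEndian.PutUint32(ctr, uint32(block))
		prf.Write(ctr)
		u := prf.Sum(nil)
		t := append([]byte(nil), u...)
		// Ui = PRF(password, U(i-1)); T = U1 xor U2 xor ... xor U(iter)
		for i := 2; i <= iter; i++ {
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for j := range t {
				t[j] ^= u[j]
			}
		}
		dk = append(dk, t...)
	}
	return dk[:keyLen]
}

// hkdfExpand is the Expand step of RFC 5869 with HMAC-SHA256. The PBKDF2 output is
// already uniform, so it is used directly as the PRK (Extract is skipped).
func hkdfExpand(prk, info []byte, length int) []byte {
	var okm, prev []byte
	for counter := byte(1); len(okm) < length; counter++ {
		m := hmac.New(sha256.New, prk)
		m.Write(prev)
		m.Write(info)
		m.Write([]byte{counter})
		prev = m.Sum(nil)
		okm = append(okm, prev...)
	}
	return okm[:length]
}

// DeviceKeys is everything the client derives from the master password.
type DeviceKeys struct {
	MasterKey []byte // 256-bit PBKDF2 output; never leaves the device
	EncKey    []byte // 256-bit AES key stretched from MasterKey
	MacKey    []byte // 256-bit HMAC key stretched from MasterKey
	AuthHash  []byte // one-way value sent at sign-in instead of MasterKey
}

// DeriveDeviceKeys runs the client-side KDF step. Using the account email as salt
// and the two HKDF info labels are this example's assumptions, not Passwall's choices.
func DeriveDeviceKeys(password string, salt []byte, iter int) (*DeviceKeys, error) {
	if iter < MinIterations {
		return nil, fmt.Errorf("kdf: %d iterations is below the %d minimum", iter, MinIterations)
	}
	if password == "" || len(salt) == 0 {
		return nil, errors.New("kdf: password and salt are required")
	}
	mk := pbkdf2SHA256([]byte(password), salt, iter, 32)
	stretched := hkdfExpand(mk, []byte("example/enc+mac"), 64)
	// The auth hash is a PRF output under a different label: a server can verify it
	// (and should store it hashed again, like any password) but cannot reverse it
	// into MasterKey or the vault keys.
	auth := hkdfExpand(mk, []byte("example/auth"), 32)
	return &DeviceKeys{MasterKey: mk, EncKey: stretched[:32], MacKey: stretched[32:], AuthHash: auth}, nil
}

func main() {
	salt := []byte("user@example.com") // constructed account identifier used as salt
	start := time.Now()
	keys, err := DeriveDeviceKeys("correct-horse-battery-staple", salt, MinIterations)
	if err != nil {
		panic(err)
	}
	// One derivation at 600,000 iterations takes a noticeable fraction of a second,
	// and that is the cost an attacker pays for every single password guess.
	fmt.Printf("derived in %v\nauth hash: %s\n", time.Since(start), hex.EncodeToString(keys.AuthHash))
}
```

Because HKDF-Expand is a PRF, the one value that leaves the device (the auth hash) cannot be turned back into the Master Key, and anyone who obtains it still pays one full PBKDF2 run per password guess, which is exactly what the iteration count buys. Argon2id is not shown here: it needs a memory-hard implementation rather than a few lines of HMAC.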

Vault Encryption

Your vault data is encrypted using AES-256-CBC with HMAC-SHA256 for authentication. This "encrypt-then-MAC" approach provides both confidentiality and integrity.

Encryption Specifications

  • Algorithm: AES-256-CBC + HMAC-SHA256
  • Key Size: 256 bits (encryption) + 256 bits (MAC)
  • IV Generation: Random 128 bits per encryption
  • Format: EncString "type.iv|ciphertext|mac"

How It Works

Here's what happens when you use Passwall, step by step:

1. Account Creation

  1. You create a master password on your device. This password never leaves your device in plain text.
  2. Passwall derives a 256-bit Master Key from your password using PBKDF2 (600,000+ iterations) or Argon2.
  3. A random 512-bit User Key is generated (this encrypts your actual vault data).
  4. The User Key is encrypted with your Master Key and sent to our servers. We store this encrypted User Key, but we can't decrypt it.

2. Signing In

  1. You enter your master password.
  2. Passwall derives your Master Key locally (using the same KDF process).
  3. An authentication hash is sent to verify your identity (but not your Master Key).
  4. The server returns your encrypted User Key. Your Master Key decrypts it locally.
  5. Your vault is downloaded (still encrypted) and decrypted on your device with your User Key.
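The EncString format given under "Encryption Specifications", together with steps 3 and 4 of account creation and step 4 of sign-in, as an added Go example that is not Passwall's code: a 512-bit key split into an AES-256 half and an HMAC-SHA256 half, encrypt-then-MAC producing "type.iv|ciphertext|mac", MAC verification before any decryption, and wrapping and unwrapping the User Key under the Master Key. The type tag value "2", base64 field encoding, PKCS#7 padding, and the MAC covering IV plus ciphertext are assumptions; the Master Key is taken as an already-stretched 64-byte key rather than derived here.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"strings"
)

// encType tags AES-256-CBC + HMAC-SHA256 blobs; "2" is an assumed value, the page only gives the layout.
const encType = "2"

// SymmetricKey is 64 raw bytes: the AES-256 key (first 32) followed by the HMAC-SHA256 key (last 32).
type SymmetricKey []byte

// NewSymmetricKey validates 64 raw key bytes; pass crypto/rand output for a fresh User Key (step 3).
func NewSymmetricKey(raw []byte) (SymmetricKey, error) {
	if len(raw) != 64 {
		return nil, errors.New("symmetric key must be 512 bits")
	}
	return SymmetricKey(raw), nil
}

// tag is HMAC-SHA256 over IV||ciphertext (assumed MAC input), so neither part can be swapped unnoticed.
func (k SymmetricKey) tag(iv, ct []byte) []byte {
	m := hmac.New(sha256.New, k[32:])
	m.Write(iv)
	m.Write(ct)
	return m.Sum(nil)
}

// Seal: PKCS#7 pad, AES-256-CBC under a fresh random 128-bit IV, then MAC (encrypt-then-MAC),
// serialised as "type.iv|ciphertext|mac" with base64 fields.
func (k SymmetricKey) Seal(plaintext []byte) (string, error) {
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return "", err
	}
	pad := aes.BlockSize - len(plaintext)%aes.BlockSize
	padded := append(append([]byte{}, plaintext...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	block, _ := aes.NewCipher(k[:32]) // cannot fail: the key half is always 32 bytes
	ct := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, padded)
	b64 := base64.StdEncoding.EncodeToString
	return encType + "." + b64(iv) + "|" + b64(ct) + "|" + b64(k.tag(iv, ct)), nil
}

// Open parses an EncString and verifies the MAC in constant time BEFORE decrypting,
// so tampered data or a wrong key is rejected outright and the padding check is never an oracle.
func (k SymmetricKey) Open(enc string) ([]byte, error) {
	parts := strings.FieldsFunc(enc, func(r rune) bool { return r == '.' || r == '|' })
	if len(parts) != 4 || parts[0] != encType {
		return nil, errors.New("encstring: malformed or unsupported type")
	}
	dec := base64.StdEncoding.DecodeString
	iv, errIV := dec(parts[1])
	ct, errCT := dec(parts[2])
	mac, errMAC := dec(parts[3])
	if errIV != nil || errCT != nil || errMAC != nil {
		return nil, errors.New("encstring: bad base64 field")
	}
	if !hmac.Equal(k.tag(iv, ct), mac) {
		return nil, errors.New("encstring: MAC mismatch (tampered data or wrong key)")
	}
	if len(iv) != aes.BlockSize || len(ct) == 0 || len(ct)%aes.BlockSize != 0 {
		return nil, errors.New("encstring: bad IV or ciphertext length")
	}
	block, _ := aes.NewCipher(k[:32])
	pt := make([]byte, len(ct))
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(pt, ct)
	pad := int(pt[len(pt)-1])
	if pad == 0 || pad > aes.BlockSize || !bytes.Equal(pt[len(pt)-pad:], bytes.Repeat([]byte{byte(pad)}, pad)) {
		return nil, errors.New("encstring: bad padding")
	}
	return pt[:len(pt)-pad], nil
}

// WrapUserKey is account-creation step 4: the User Key is itself an EncString under the
// Master Key, and only this wrapped form is sent to the server.
func WrapUserKey(master, user SymmetricKey) (string, error) { return master.Seal(user) }

// UnwrapUserKey is sign-in step 4: the client opens the wrapped User Key locally and
// then uses it, never the Master Key, to decrypt vault items.
func UnwrapUserKey(master SymmetricKey, wrapped string) (SymmetricKey, error) {
	raw, err := master.Open(wrapped)
	if err != nil {
		return nil, err
	}
	return NewSymmetricKey(raw)
}
```

Key rotation as the page describes it falls out of this design: UnwrapUserKey with the old Master Key, WrapUserKey with the new one, and every vault item, still encrypted under the unchanged User Key, is left untouched. Checking the MAC before touching the ciphertext is what keeps CBC's padding validation from becoming a padding oracle: any modified blob is rejected before decryption runs at all.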

The Result

At no point does the Passwall server have access to your unencrypted data or your encryption keys. All encryption and decryption happens on your device, in your browser or app.

Security Guarantees

Passwall's architecture provides multiple layers of security protection:

End-to-End Encryption

Your data is encrypted on your device before it leaves. Only you can decrypt it.

Zero-Knowledge

We can't see your passwords or encryption keys, even if we wanted to.

Brute-Force Protection

600,000+ iterations make password guessing attacks impractical.

Breach Protection

Even if our database is stolen, attackers only get encrypted data.

Key Rotation

Change your master password anytime without re-encrypting all data.

Tamper Detection

HMAC authentication ensures data hasn't been modified.

If Passwall Gets Hacked

In the unlikely event that someone gains unauthorized access to our servers:

  • They get: Encrypted blobs that are useless without your master password
  • They can't: Decrypt your data (requires your master password + 600K iterations)
  • You're safe if: You use a strong, unique master password

Master Password Best Practices

  • Use at least 12 characters
  • Mix uppercase, lowercase, numbers, and symbols
  • Don't reuse passwords from other sites
  • Consider using a passphrase (e.g., "correct-horse-battery-staple")
  • Never share your master password with anyone

Security Audits & Transparency

Passwall undergoes regular third-party security audits to ensure the highest level of security and compliance.

Our Security Practices

  • Independent Security Audits:

    Regular security reviews, code audits, and penetration testing to identify and fix vulnerabilities.

  • Bug Bounty Program:

    We reward security researchers who responsibly disclose vulnerabilities.

  • Continuous Monitoring:

    24/7 security monitoring and incident response team to protect your data.

Security Standards

  • GDPR Compliance
  • OWASP Security Guidelines
  • NIST Cryptographic Standards
  • Regular Security Testing

Compliance & Certifications

Passwall follows industry-standard security practices and compliance requirements:

🔒 GDPR Compliant

Full compliance with EU data protection regulations. Your data is encrypted and you have full control.

🛡️ OWASP Standards

Following OWASP guidelines for password storage and key derivation.

🔐 NIST Approved

Using NIST-approved cryptographic algorithms (AES-256, PBKDF2-SHA256).

🔍 Regular Audits

Ongoing security reviews and third-party penetration testing.

Security Standards We Follow

Passwall follows industry-recognized security standards and best practices:

  • NIST SP 800-132 (Password-Based Key Derivation)
  • OWASP Password Storage Cheat Sheet
  • RFC 5869 (HKDF Key Derivation)
  • RFC 9106 (Argon2 KDF)

Frequently Asked Questions

Can Passwall employees see my passwords?

No. Your passwords are encrypted with your master password before they reach our servers. We only store encrypted blobs that we cannot decrypt. Even our administrators cannot access your data.

What happens if I forget my master password?

Unfortunately, we cannot recover your account if you forget your master password. This is the trade-off of zero-knowledge security—we never have access to your master password or encryption keys. We recommend storing your master password in a safe place.

Is Passwall as secure as 1Password or Bitwarden?

Yes. Passwall uses the same industry-standard encryption (AES-256) and key derivation (PBKDF2/Argon2) as leading password managers. Our zero-knowledge architecture ensures that only you can access your data.

Can government agencies force you to decrypt my data?

No. We physically cannot decrypt your data because we don't have your master password or encryption keys. Even if legally compelled, we can only provide encrypted data that's useless without your master password.

How do I know Passwall is secure?

Passwall follows industry best practices including OWASP security guidelines and NIST cryptographic standards. We conduct regular security reviews, code audits, and vulnerability assessments. Our architecture is based on proven zero-knowledge encryption used by leading password managers.

What if Passwall shuts down?

You can export your vault at any time in standard formats (CSV, JSON) that work with other password managers. We also offer data portability guarantees under GDPR regulations.

Ready to secure your digital life?

Join thousands of users who trust Passwall with their passwords.