Security
How encryption works
SecureVault is built around a single guarantee: the server never sees your secrets in plaintext.
Key derivation
Your master password is run through PBKDF2-SHA256 with 600,000 iterations and a per-account 64-byte salt to derive a 256-bit AES key — entirely on your device.
The OWASP 2023 minimum is 600k; we hit it exactly.
Per-entry encryption
Every vault entry is encrypted with AES-256-GCM using a fresh 12-byte random IV. Username, password, URL, notes, custom fields, TOTP secret — every field is encrypted before it leaves your device.
The server only ever sees ciphertext.
What the server stores
- Your email
- A bcrypt(12) hash of your master password — used for authentication only; it can’t decrypt anything
- Your PBKDF2 salt (not secret — needed to re-derive the key from your password client-side)
- Encrypted vault blobs (ciphertext + IV)
Lose your master password and even we can’t recover your data. That’s the point.
Hardening
- Account lockout after 5 failed logins (15-minute lock)
- Rate-limited auth endpoints — 5 registrations per hour and 10 logins per 15 minutes, per IP
- HTTPS-only via Let’s Encrypt (managed by Caddy)
- JWT tokens with a 7-day expiry; a 401 response triggers automatic logout
- HSTS, security headers via helmet, and a strict CSP
Want the technical deep dive? Read TECHNICAL.md in the repo.