Passary Logo
Passary

Security Model & Architecture

Comprehensive overview of how Passary protects your most sensitive data through zero-knowledge architecture and military-grade encryption.

Our Security Philosophy

Security isn't about promises—it's about mathematical guarantees. Passary is built on the principle that we should never have the ability to access your data, even if we wanted to, even if legally compelled.

This zero-knowledge architecture means your passwords are protected by cryptography, not trust. We've eliminated single points of failure and designed a system where you alone hold the keys to your vault.

Security Architecture

Local-Only Storage

Your encrypted vault resides exclusively on your device. No cloud storage, no servers, noSync—just your data, your device, your control.

Client-Side Encryption

All cryptographic operations execute in your browser. Encryption, decryption, key derivation—everything stays local.

Zero-Knowledge Design

We mathematically cannot access your master password or decrypted vault data. It's not a policy—it's cryptographic certainty.

Privacy by Design

No accounts, no analytics, no tracking. Check your network tab—zero requests during vault operations.

Cryptographic Implementation

Passary uses industry-leading cryptographic algorithms with carefully chosen parameters to ensure maximum security.

Argon2id Key Derivation

Winner of the Password Hashing Competition. Argon2id is a memory-hard function that derives your encryption key from your master password.

Memory

64 MB

Iterations

3

Output

256 bits

AES-256-GCM Encryption

Military-grade authenticated encryption. Used by the US government for TOP SECRET information. Provides both confidentiality and integrity.

  • 256-bit keys — Quantum-resistant security
  • GCM mode — AEAD (Authenticated Encryption with Associated Data)
  • Hardware-accelerated — AES-NI instructions on modern CPUs

Web Crypto API

All cryptographic operations use the browser's native Web Crypto API—a W3C standard that provides secure, constant-time implementations resistant to timing attacks.

Want the technical details? Visit our Encryption Details page for algorithm specifications, parameters, implementation code, and security analysis.

Threat Model & Protection

Understanding what threats Passary protects against—and what remains your responsibility.

Protected Threats

Server Compromise

If our website infrastructure is breached, attackers gain nothing—your vault isn't on our servers.

Legal Demands

Even if compelled by law enforcement or government, we genuinely cannot provide vault access.

Insider Threats

Malicious employees or compromised admin accounts cannot access user vaults.

Mass Surveillance

No centralized database to monitor or intercept—all data is local and encrypted.

Network Eavesdropping

Vault data never transmitted over the network—nothing to intercept.

Brute-Force Attacks

Argon2id + AES-256 makes brute-forcing computationally infeasible (billions of years).

Your Responsibility

  • Device Security: Protect your device with strong passwords, full-disk encryption, and security updates
  • Master Password: Choose a strong, unique master password and never reuse it elsewhere
  • Backups: Regularly export and back up your vault file to prevent data loss
  • Browser Security: Keep your browser updated and avoid malicious extensions
  • Phishing: Always verify you're on passary.com before entering your master password

Attack Resistance

Brute-Force Resistance

With AES-256, there are 2^256 possible keys ≈ 1.15 × 10^77 combinations.

At 1 billion keys/sec:3.67 × 10^59 years
Universe age:1.38 × 10^10 years
Conclusion: Computationally impossible

Quantum Resistance

Grover's algorithm reduces AES-256 to effective 128-bit security—still far beyond brute-force reach.

  • AES-256 chosen for quantum resistance
  • Argon2id memory-hardness also quantum-resistant
  • 128-bit effective security = 2^128 operations still impossible

Side-Channel Protection

Web Crypto API and Argon2id designed to resist timing and cache-based attacks.

  • Constant-time cryptographic operations
  • Argon2id hybrid mode prevents cache-timing leaks
  • Browser sandboxing limits attack surface

Password Cracking Defense

Argon2id's memory-hard design makes GPU/ASIC attacks economically infeasible.

  • 64MB memory requirement per attempt
  • Unique salt prevents rainbow table attacks
  • Parallel cracking limited by memory bandwidth

Trust Model

Understanding what you must trust—and what you don't need to trust—when using Passary.

What You Don't Need to Trust

✓ Passary's servers

Your vault never touches our infrastructure

✓ Our administrators

No access to your encrypted data or keys

✓ Network security

Vault data never transmitted over network

✓ Cloud providers

No cloud storage or third-party services

What You Must Trust

→ Your browser

Crypto operations run in your browser environment

→ Your device

Vault stored locally; device security crucial

→ JavaScript delivery

Code served from passary.com must be authentic

→ Cryptographic libraries

Web Crypto API and Argon2 implementation

Future: Open Source & Reproducible Builds

We plan to open-source Passary and provide reproducible builds, allowing you to verify the code running in your browser matches our public repository. This will minimize trust requirements further.

Verify Our Claims

Don't just trust us—verify our zero-knowledge and local-first architecture yourself.

1

Network Inspection

Open your browser's DevTools → Network tab while using your vault. You'll see zero requests to external servers during vault operations.

2

Local Storage Check

Open DevTools → Application → IndexedDB. Your encrypted vault is stored locally—looks like random gibberish without your master password.

3

Offline Test

Load Passary, then disconnect from the internet. Your vault still works fully—proof that it's entirely local-first.

4

Source Code Review (Planned)

Our code will be open source, allowing security researchers to audit our cryptographic implementation.

Security Model Comparison

Security AspectPassary (Zero-Knowledge)Cloud Password Manager
Provider can access passwords✗ Impossible✓ Technically possible
Server breach impact✓ Zero impact⚠ High risk
Legal/govt. data request✓ Cannot comply⚠ Must hand over data
Password recovery✗ Not possible✓ Email reset available
Trust requirement✓ Minimal⚠ Must trust provider
Data locationYour device onlyProvider's cloud
Backup responsibility⚠ User manages✓ Automatic

Deep Dive into Security

Zero-Knowledge Architecture →

Understand the mathematical guarantees behind our zero-knowledge claims.

Encryption Details →

Technical specifications, parameters, and implementation details.

Responsible Disclosure →

Found a security issue? Report it responsibly.