Password vault
An end-to-end encrypted, zero-knowledge place to save your website logins and generate strong passwords. Synced across Public web and Android.
The Password vault lets you save site, email, and password credentials inside Public and sync them across your devices. Everything is end-to-end encrypted with a master password that only you know — Public's servers only ever see the encrypted blob.
Important: your master password is different from your Public account password. Your account password lets you sign in to Public. Your master password unlocks the vault and is never sent to our servers. We cannot reset or recover it.
How it's protected
When you create your vault, your device:
- Generates a random vault key (32 bytes) and a random salt (16 bytes).
- Derives a Key Encryption Key (KEK) from your master password and the salt using Argon2id (memory-hard, OWASP-recommended).
- Wraps the vault key with the KEK using AES-256-GCM and uploads only the wrapped blob.
- Stores a small verifier value (a known constant encrypted with the KEK) so the next device that signs in can confirm "this master password is correct" without ever transmitting your master password.
Each individual login is then encrypted on-device with the vault key before it leaves your machine. The server stores only the ciphertext and a nonce — no site name, URL, username, password, or notes are ever readable by Public.
Find it
- Web: open public.kim/passwords (or Passwords in the left sidebar / More menu).
- Android: open the Menu tab → Passwords.
The web app needs a secure context (HTTPS, or http://localhost during development) for browser crypto to work. If you somehow land on the page over plain HTTP we'll show a "Secure connection required" notice instead of running.
First-time setup
The first time you open the vault on any device you'll be asked to create your master password.
- Pick something you can remember but nobody else can guess. A passphrase of several unrelated words is great.
- Type it twice. The strength meter must show at least Fair, and the password must be at least 8 characters.
- Tap/click Create vault.
The setup screen warns you in red: if you forget this master password, your saved logins cannot be recovered. Write it down somewhere offline if you're worried.
Once setup finishes, your device holds the vault key in memory and you can start saving logins.
Unlock the vault
On every fresh app start (Android) or page load (web), the vault is locked:
- Type your master password.
- The device derives the KEK with Argon2id (this takes 1–2 seconds — that's intentional, it's what makes brute-forcing infeasible) and unwraps the vault key locally.
- The vault key stays in memory until you lock it again, sign out, refresh the web page, or 5 minutes of inactivity elapses.
A wrong password just fails with "Wrong master password." — it never tells the server anything.
Save a login
- From the list, tap/click Add login (the + button).
- Fill in:
  - Site or app — e.g. GitHub
  - URL — optional, e.g. https://github.com
  - Email or username
  - Password — type it in, or tap the wand icon to generate a strong one (see below).
  - Notes — optional free text.
- Tap Save.
Everything is encrypted on-device before it's uploaded.
Generate a strong password
Tap the wand icon next to the password field (or in the editor) to open the Password generator. You can configure:
- Length — slider from 8 to 64 characters.
- Uppercase letters (A–Z)
- Lowercase letters (a–z)
- Digits (0–9)
- Symbols (! @ # $ %…)
- Avoid look-alikes — skips visually ambiguous characters like I l 1 O 0.
The generator uses your device's cryptographic random number source and guarantees at least one character from each enabled class. Tap Generate again to roll a new one, or Use this password to drop it into the entry you're editing.
Find and use your logins
- The list shows each entry's site and username.
- The search box filters by site, URL, username, or notes (all in-memory, on your device).
- Tap an entry to edit it.
- Tap the small key icon to copy the password to your clipboard.
- Tap the small copy icon to copy the username.
When you copy a sensitive value:
- The clipboard is marked sensitive on Android 13+ so it doesn't appear in the system clipboard preview.
- We attempt to clear the clipboard after ~30 seconds, but only if it hasn't been overwritten in the meantime.
Lock the vault
- Top-right menu → Lock vault clears the in-memory key immediately.
- The vault also locks itself after 5 minutes of inactivity on each device.
- On the web, a page refresh or closing the tab always locks the vault.
- On Android, closing the app or letting it be killed in the background locks it.
To use it again, just unlock with your master password.
Change your master password
You can rotate your master password at any time. Because Public uses a two-key design (master password → KEK → vault key → entries), this doesn't re-encrypt every saved login — only the wrapped vault key and verifier change. The operation is fast even with hundreds of entries.
On the web
- Open public.kim/passwords and unlock.
- Top-right ⋯ menu → Change master password.
- Type your current master password, then a new one twice.
- Save.
On Android
- Open Passwords from the Menu tab and unlock.
- Top-right ⋮ menu → Change master password.
- Type your current master password, then a new one twice.
- Save.
Your current master password is verified locally, never sent to our servers.
Privacy and security guarantees
- The server stores only: KDF salt + parameters, the wrapped vault key, the verifier blob, and per-entry { ciphertext, nonce }.
- The server never stores your master password, your derived keys, the vault key, or any plaintext credential — and we cannot recover them for you.
- Vault HTTP traffic is never cached (the clients send Cache-Control: no-store).
- The web vault refuses to run on non-secure origins (Web Crypto requires HTTPS or localhost).
- The Android vault screens use FLAG_SECURE so credentials don't show up in screenshots or the recent-apps preview.
What happens if you delete your account
Deleting your Public account deletes your vault completely:
- Every encrypted entry (PasswordEntry) is removed.
- The wrapped vault key and KDF metadata (PasswordVault) are removed.
- Because the deletion is permanent and the data was zero-knowledge to begin with, nobody — including Public — can restore it.
See Delete account.
Important limits
- The master password cannot be reset. If you forget it, the only recovery is to start over with a brand-new vault and re-add every login. See Forgot master password.
- The vault is for website / app logins, not for bank cards, secure notes, files, or TOTP codes (yet).
- The web client and the Android client are byte-for-byte compatible — a vault created on one unlocks on the other.