Public Help
Troubleshooting

Forgot master password

What to do when you can't remember the master password for your Public password vault.

The master password for the Password vault is not your Public account password. It never leaves your device. Public cannot reset it, even with proof of identity.

Can it be recovered?

No. That's the whole point of the vault being zero-knowledge: our servers only ever hold ciphertext, and the only key that decrypts it is derived from the master password you typed. If nobody on your devices remembers that password, the saved logins are mathematically unreachable.

If you forget your account password instead, follow Cannot sign in — that one we can reset over email.

Things to try first

Before you give up, try every possibility from another already-unlocked device, because the vault key stays in memory for up to 5 minutes after activity:

  • Another device that's still unlocked? If your Android app or another browser tab still shows the entry list, you can read your logins there. Open them and copy what you need before you lock or auto-lock that device.
  • Saved by your browser? Some users let the browser autofill the master password into the Unlock vault field. Check your browser's saved passwords for public.kim. (We recommend you don't store the master password this way going forward — see below.)
  • Variations: try without trailing spaces, with/without capital letters, with the keyboard layout you usually use, etc.

If you find a device that's still unlocked:

  1. Open Passwords there.
  2. Use Change master password to set a new one you'll remember.
  3. From then on, every other device just needs the new master password to unlock — the saved entries themselves don't change.

If you really can't remember it

You have two options, both destructive:

Option A — Start a fresh vault

  1. Open the vault on any device.
  2. From the unlock screen, do not try to log out — just delete the vault server-side by deleting your account and creating a new one (last-resort, see Delete account). Note: this wipes everything, not just the vault.

Option B — Wait for an in-app reset (preferred)

A future update will add an in-app "Reset vault" button that wipes the encrypted blob on the server without deleting the rest of your account. Until then, contact support from the Contact link in the footer and they can clear your vault for you so you can set a new master password — but the previously saved logins are gone either way.

Avoid this next time

  • Treat the master password like a physical key: write it down somewhere offline (a piece of paper in a safe, a hardware password manager, a sealed envelope) the moment you create it.
  • Use a memorable passphrase of several unrelated words, not a short cryptic password.
  • Don't reuse your Public account password as your master password — they protect different things and should be different.

"Secure connection required" on the web

If the web vault shows "Secure connection required" instead of letting you sign in:

  • Make sure the URL starts with https:// (or http://localhost during development).
  • Don't access the dev server over a LAN IP like http://192.168.x.x — browser crypto is disabled on insecure HTTP origins.

Language and RTL

Switch the app's language and fix issues with right-to-left layouts.

On this page

Can it be recovered?Things to try firstIf you really can't remember itOption A — Start a fresh vaultOption B — Wait for an in-app reset (preferred)Avoid this next time"Secure connection required" on the webRelated