Security at LockBoxApp
At LockBoxApp, we take your privacy and security seriously. Below is a summary of our current security practices to protect your information and data.
1. No Password Storage: LockBoxApp does not store any passwords or sensitive information. All password generation and encryption occur directly on your device, meaning no data is transmitted to our servers. This ensures that your passwords and sensitive data remain under your control at all times.
2. Password Encryption
When using our Password Encryption feature, your passwords are encrypted using asecret phrase. This encryption happens locally in your browser, and LockBoxApp does not store or have access to the secret phrase or encrypted passwords.- 3. Local Storage for Encrypted Passwords: Our Encrypted Password Storage feature allows users to optionally save encrypted passwords with aliases directly on their device using IndexedDB. This data remains on your device, and LockBoxApp has no access to it. However, IndexedDB is experimental and may be subject to clearing if browser data or cache is removed. We recommend backing up critical data securely elsewhere, as this storage is intended for local convenience.
4. Image Processing: All image operations, including watermarking, are processed locally in your browser. No data is transmitted to or stored on our servers.
5. Data Protection: Since LockBoxApp currently does not save any data, there is no risk of data breaches or unauthorized access to your passwords. All processing is done on the client side, ensuring your data stays secure on your own device.
6. Future Security: We are committed to continually improving security as we introduce new features. In the future, we plan to offer an optional feature to save encrypted passwords and aliases locally on your device using IndexedDB, a secure, browser-based storage solution. Even then, all data will remain encrypted and stored locally, ensuring that your sensitive information never leaves your device.
7. HTTPS Encryption Our entire platform operates over a secure HTTPS connection. This encryption ensures that any communication between your browser and our service is safe from interception.
8. User Responsibility: We encourage users to follow best practices, such as:
Keeping your secret phrases confidential. Regularly updating your passwords. Using a strong and unique password for each of your accounts.9. LockBoxApp does not store or save any IP address data entered into our IP Geolocation Checker tool. All geolocation data is fetched directly from ipwhois.io and used only for display purposes.
10. Transparency LockBoxApp will always keep users informed about any changes to our security practices. As we add new features, we will update this page to reflect how they impact your data security.
Important Reminder
When using LockBoxApp to generate and encrypt your passwords, it's critical to remember your secret phrase and store your encrypted passwords safely.
Since LockBoxApp does not save or store any data, if you lose your secret phrase or encrypted password string, it will be impossible to recover the original password. To avoid being locked out of your accounts, we strongly recommend:
Setting up a recovery method (such as an email, phone number, or security questions) with any online service where you are using encrypted passwords. Backing up your encrypted password strings securely. Using a password manager to store both your encrypted passwords and the secret phrases used to encrypt them. Taking these extra steps will help ensure that you can regain access to your accounts if you forget your secret phrase.