Loading...
Use arrow keys to navigate, Enter to select, Escape to close menu.
Loading...
Straightforward answers about how our free encryption tools work and how we protect your privacy.
Zero-knowledge means we never have access to your unencrypted data or your encryption keys. All encryption happens in your browser using AES-256-GCM before anything leaves your device. Your 256-bit encryption key is generated locally and never transmitted over the network. Even if our servers were compromised, your data would still be protected — without your key, the encrypted output is indistinguishable from random data. A brute-force attack against a 256-bit key would require checking 2^256 (about 1.1 × 10^77) possible combinations — more than the estimated number of atoms in the observable universe.
Yes. AES-256 is standardized by NIST in FIPS 197 and approved for protecting U.S. government classified information up to TOP SECRET. The "256" refers to the key size in bits — there are 2^256 possible keys, a number so large (roughly 1.1 × 10^77) that even a computer checking one trillion keys per second would take billions of times longer than the 13.8-billion-year age of the universe. We use AES in GCM mode (standardized in NIST SP 800-38D), which provides both confidentiality and integrity verification. AES-256-GCM is also resistant to known attacks from quantum computers — Grover's algorithm would effectively halve the security level to 128 bits, which remains impractical to brute-force.
Your original plaintext data and encryption keys never leave your device. Encryption happens locally via the Web Crypto API before any network request is made. If you use our storage feature, what reaches our servers is AES-256-GCM ciphertext — a scrambled binary blob that, without the 256-bit key, is cryptographically indistinguishable from random noise. We store this encrypted data with no identifying metadata attached. You set the expiration time, and the encrypted data is automatically deleted after that period.
No account needed — you can start encrypting in under 10 seconds. Visit the tools page, type or upload your data, and encrypt immediately. We believe privacy tools should be available without barriers: no signup, no email, no personal information collected. The encryption runs entirely in your browser, so there's nothing to log into — your device does all the work.
Yes. Once the page loads, you can disconnect from the internet and keep using the tools. All encryption operations use the Web Crypto API — a W3C standard built into every modern browser since 2014 — and run entirely on your processor. No network requests are made during encryption or decryption. This also means your data is never transmitted during the encryption process. You only need internet to initially load the page.
We cannot recover your key — and we designed it that way. Keys are derived locally using PBKDF2 with 100,000 iterations (standardized in RFC 8018 / PKCS #5) and are never transmitted. If you lose your key, the AES-256-GCM encrypted data becomes permanently inaccessible to everyone, including us. This is a feature of zero-knowledge architecture, not a bug: with 2^256 possible keys, even a computer checking one trillion keys per second couldn't find yours within a human lifetime. We recommend storing keys in a password manager.
This website (zeyrovault.com) displays non-intrusive advertisements to cover server costs and development. The tools at tools.zeyrovault.com remain completely ad-free to provide a clean, focused encryption experience. We do not sell data, charge for features, or require accounts. Your privacy isn't the product — ads on the informational site support the free tools.
The critical difference is where encryption happens. Most services encrypt data on their servers using keys they manage — which means they could potentially access your plaintext. ZeyroVault encrypts using AES-256-GCM entirely on your device via the Web Crypto API before any data is transmitted. We never see your original content, your password, or your 256-bit encryption key. Even if compelled by a court order, we have no plaintext data or keys to hand over. This is a fundamental architectural difference, not a policy choice.
Any browser that supports the Web Crypto API — which covers over 96% of browsers in use globally. This includes Chrome (since version 37, 2014), Firefox (since version 34, 2014), Safari (since version 11, 2017), Edge, Opera, and Brave — on both desktop and mobile. The Web Crypto API is a W3C Recommendation, meaning it's a formal web standard tested across implementations. If your browser was released in the last decade, the tools will work.
Yes. Our How It Works page documents the full encryption process in detail. We use only publicly-reviewed standards: AES-256-GCM (NIST FIPS 197 + NIST SP 800-38D) for encryption and PBKDF2 (RFC 8018 / PKCS #5) with 100,000 iterations for key derivation. We do not use proprietary or custom algorithms. For technical verification, open your browser's Developer Tools (F12) and go to the Network tab — you'll see that no data is transmitted during encryption. The entire process is client-side, and the source code can be inspected in your browser.
No account, no setup — just open and start encrypting.