The most private information in your life deserves the strongest protection we can give it.
Every product talks about security. Few are this specific. Here's exactly what IvorySafe has access to, and what it doesn't.
The information we need to run your account and reach the people you designate. Nothing from inside your vault.
Your vault is encrypted on your device before it reaches us. We store it, but it stays unreadable to us. Just an encrypted block of data without the key.
"End-to-end" sounds technical, but the idea is simple. Your vault is locked on your device, travels locked, and stays locked on our servers. Only your password can open it.
When you add information to your vault, it's encrypted right there, on your laptop or phone, before it ever leaves you.
The encrypted vault is sent to our servers and stored as we received it. We never see the unlocked version, because we never have it.
Your password is the key. We don't store it, we don't have a copy, and we can't reset it. That's the trade-off, and it's the point.
We built IvorySafe knowing it would hold the most sensitive information in your life. These principles were not bolted on later.
Your vault is encrypted on your device before it reaches us. Encrypted in transit, encrypted at rest, and unreadable to anyone without your password, including us.
Hosted on Digital Ocean with AWS for encrypted storage and backups. We follow SOC 2 standards from day one.
Digital Ocean + AWS S3Every login is verified by a one-time code sent to your phone. You can choose to trust a device for 30 days at a time, so you're not entering a code every visit.
You decide who can access your vault if something happens, and you set how long IvorySafe waits before releasing it. Anywhere from 6 hours to 2 weeks, per person.
No company can promise nothing will ever go wrong. But because of how IvorySafe is built, the worst-case scenario for our servers is not the worst-case scenario for your vault.
If our servers were breached tomorrow, the attacker would have a pile of encrypted data they couldn't read. Not the data itself. Not the passwords. Just locked files with no key.
End-to-end encryption is powerful, but it shifts some responsibility back to you. This is how it splits.
So that one of the hardest moments of their lives doesn't also become the most chaotic.