Your passwords stay encrypted. We can't see them. Only you hold the key.

Zecuri encrypts your vault on your device. Sync securely across Chrome and iOS. Open source, EU-built, privacy-first.

Zero-knowledge by design Built in Sweden No analytics or tracking
Why Zecuri

Privacy isn't a setting. It's the architecture.

The moment a password manager can read your vault, so can anyone who breaches it. Zecuri is built so that can't happen.

Zero-Knowledge Encryption

Your master password is processed on your device using Argon2id and never leaves it. Your vault is encrypted with AES-256-GCM before any data reaches our servers, which store only signed sync metadata. Not even Zecuri employees can see your passwords.

Learn about our security →

Cross-Device Sync Without Compromise

Changes sync across Chrome and iOS within seconds. Each device has a unique Ed25519 signing key, and the protocol uses Hybrid Logical Clocks for causal ordering — conflicts resolve automatically, and you always have the final say.

Understand the sync protocol →

Open Source & Transparent

Zecuri's sync protocol, vault encryption, and client code are open for review. Every architecture decision is documented (ADRs), and a security audit covers dependency CVEs, threat modeling, and cryptographic verification. No closed-source components in the critical path.

Review on GitHub →

Built in Sweden, GDPR-Ready

Zecuri is built by LineSpotting AB, a Swedish company, with all processing inside the EEA. It complies with GDPR Article 13/14. No analytics, no telemetry, no tracking. No secondary authentication. One master password — that's all you need.

Read our privacy policy →
Compare

How Zecuri compares

An honest look at where Zecuri stands today against the established names.

Feature comparison between Zecuri, LastPass, 1Password, and Bitwarden
Feature Zecuri LastPass 1Password Bitwarden
Zero-knowledge vault Full Partial Full Full
E2E encrypted sync All devices Limited Full Full
Open source Client + sync Closed Closed Client + server
EU-based Sweden USA Canada Global
Cross-device Chrome + iOS Full Full Full
Master password only Yes No Optional 2FA Yes
No analytics Zero Usage tracking Minimal Zero

Zecuri is still early (MVP). LastPass, 1Password, and Bitwarden have more features today — TOTP, breach alerts, family plans — and Zecuri is building them. For now, Zecuri wins on zero-knowledge architecture and privacy.

FAQ

Frequently asked questions

How do I recover my account if I forget my master password?

You can't — and that's intentional. Your master password is the root of all encryption keys. If you forget it, no one (not even Zecuri) can recover your vault. Choose a master password you'll remember; a long passphrase like "correct horse battery staple" works well. You can also store your master password in another password manager — yes, really.

Can Zecuri employees see my passwords?

No. Your vault is encrypted on your device before it ever leaves it. Zecuri servers store only signed sync metadata, and the encryption key never reaches our servers. Not even with a court order can we decrypt your vault.

What if your servers are hacked?

Our servers store only Ed25519-signed sync metadata. Even if attackers gain access, they get signed metadata, not passwords. Your vault data is encrypted with AES-256-GCM, and the keys are derived from your master password on your device.

How does sync work if the server can't see my vault?

Sync metadata — not vault data — is signed with your device's Ed25519 key and stored on our servers. When syncing, devices check signatures to verify the metadata is authentic. Vault data is encrypted per item with AES-256-GCM. The server is stateless; devices do the heavy lifting.

Do you sell my data?

No. We don't collect analytics, telemetry, or behavioral data, and we have no business model that depends on monetizing it. Zecuri is built for people who expect privacy by default.

Can Zecuri access my passwords if I'm hacked?

If your device is compromised by malware, an attacker with access could steal your vault. That's a device-level threat, not a Zecuri flaw — Zecuri can't protect against keyloggers or malware. Keep your device secure with OS updates and a strong device lock.

Why is Zecuri still early?

The core security architecture — sync, vault, crypto — is complete. We're building more: a Firefox extension, an Android app, passkey support, TOTP, and breach alerts. We're also moving to OPAQUE for password-authenticated key exchange (post-MVP hardening).

How much does Zecuri cost?

Zecuri is free. No premium tier, no paid plan. It's funded by LineSpotting AB, our Swedish parent. We believe password managers should be affordable and private.

Do you have a family plan?

Not yet. On the roadmap, multi-vault support (Phase 2) will enable family and team scenarios. For now, each person installs Zecuri independently.

Is my data backed up?

Yes. Zecuri syncs your vault across devices, and each device holds a copy of your encrypted vault. If you lose one device, your vault is still on the others. Local encrypted export is in progress.

Ready to get started?

Install Zecuri on Chrome and iOS. Your vault stays encrypted. You stay in control.