Your passwords stay encrypted. We can't see them. Only you hold the key.
Zecuri encrypts your vault on your device. Sync securely across Chrome and iOS. Open source, EU-built, privacy-first.
Why Zecuri?
Zero-Knowledge Encryption
Your master password is processed on your device using Argon2id, a modern password hashing algorithm. It never leaves your device. Your vault is encrypted with AES-256-GCM before any data reaches our servers. The Zecuri server stores only signed sync metadata — it cannot decrypt your vault. Not even Zecuri employees can see your passwords.
Learn about our security →Cross-Device Sync Without Compromise
Changes to your vault sync across Chrome and iOS within seconds. Each device has a unique Ed25519 signing key. The sync protocol uses Hybrid Logical Clocks for causal ordering — conflicts are resolved automatically, and you always have the final say. No central server needed; peers discover each other and sync directly.
Understand the sync protocol →Open Source & Transparent
Zecuri's sync protocol, vault encryption, and client code are open for review on GitHub. We've documented all architecture decisions (ADRs) and completed a security audit covering dependency CVEs, threat modeling, and cryptographic verification. No hidden code, no closed-source components in the critical path.
Review on GitHub →Built in Sweden, GDPR-Ready
Zecuri is built by Linespotting AB, a Swedish company. We comply with GDPR Article 13/14 data protection requirements. No analytics, no telemetry, no tracking. No secondary authentication. One master password — that's all you need.
Read our privacy policy →How Zecuri Compares
| Feature | Zecuri | LastPass | 1Password | Bitwarden |
|---|---|---|---|---|
| Zero-Knowledge Vault | ✅ Full | ⚠️ Partial | ✅ Full | ✅ Full |
| E2E Encrypted Sync | ✅ All devices | ⚠️ Limited | ✅ Full | ✅ Full |
| Open Source | ✅ Client + sync | ❌ Closed | ❌ Closed | ✅ Client + server |
| EU-Based | ✅ Sweden | ❌ USA | ❌ Canada | ⚠️ Global |
| Cross-Device | ✅ Chrome + iOS | ✅ Full | ✅ Full | ✅ Full |
| Master Password Only | ✅ Yes | ❌ No | ⚠️ Optional 2FA | ✅ Yes |
| No Analytics | ✅ Zero | ❌ Usage tracking | ⚠️ Minimal | ✅ Zero |
Zecuri is still early (MVP). LastPass, 1Password, and Bitwarden have more features (TOTP, breach alerts, family plans). We're building them. For now, Zecuri wins on zero-knowledge architecture and privacy.
Frequently Asked Questions
How do I recover my account if I forget my master password?
You can't — and that's intentional. Your master password is the root of all encryption keys. If you forget it, no one (not even Zecuri) can recover your vault. Choose a master password you'll remember. We recommend a long passphrase (e.g., "correct horse battery staple").
Can Zecuri employees see my passwords?
No. Your vault is encrypted on your device before it ever leaves it. Zecuri servers store only signed sync metadata. The encryption key never reaches our servers. Not even with a court order can we decrypt your vault.
What if your servers are hacked?
Our servers store only Ed25519-signed sync metadata. Even if attackers gain access, they get signed metadata, not passwords. Your vault data is encrypted with AES-256-GCM. The encryption keys are derived from your master password on your device.
Do you sell my data?
No. We don't collect analytics, telemetry, or behavioral data. We don't have a business model that depends on monetizing user data. Zecuri is built for privacy advocates who expect privacy by default.
Ready to get started?
Install Zecuri on Chrome and iOS. Your vault stays encrypted. You stay in control.