Security
How we protect your most sensitive information.
End-to-end encryption
Your vault data is encrypted in your browser before it ever reaches our servers. We use AES-256-GCM for data encryption and derive keys from your password using Argon2id. We cannot read your data – only you can.
European data hosting
All data is stored on servers in the European Union, subject to GDPR and strong privacy protections. Data is encrypted at rest, encrypted in transit (TLS 1.3), and backed up daily.
Authentication & recovery
Passwords are never stored in plain text. We support two-factor authentication and provide a single-use recovery code for account access if you lose your device.
Zero-knowledge design
Our team cannot see, access, or decrypt your vault contents. Even in the unlikely event of a server breach, your data remains encrypted and unreadable without your key.
Proof-of-life protocol
Our controlled release system uses periodic check-ins to confirm you are still active. Nothing is ever released to trustees without the full protocol completing – including configurable waiting periods and multiple notification attempts.
Responsible disclosure
If you discover a security vulnerability, please report it responsibly to security@lifebeacon.io. We take every report seriously and will respond promptly.
For more about how we handle your data, see our privacy policy.