Security & privacy
Your secrets never leave your device.
KeyRote is built so the things you're memorizing stay on your iPhone, under your control. Here's exactly how — in plain terms — and how you can check it for yourself.
Verified against the current app as of 30 June 2026
Two stores, kept apart.
A KeyRote secret is split across two places on your device. The secret value itself goes into the iOS Keychain — the same hardware-backed store iOS uses for its own passwords. Everything else — the name you gave it, dates, and your practice stats — lives in a separate on-device database.
Each side carries its own independent identifier. Your metadata has one UUID for itself, and holds a second, different UUID that points at the matching Keychain entry. So a Keychain value on its own is anonymous: there's no name attached to it, and nothing ties it back to your metadata. The app is the only thing that knows the two belong together.
•••• (encrypted)a7f3…9c20Bank card PIN4e91…1b07a7f3…9c20It works fully offline.
KeyRote has no accounts, no servers, and no network features. It doesn't phone home, show ads, or send analytics. As of this writing, the app contains no networking code, no analytics or crash-reporting SDKs, and iCloud and CloudKit sync are switched off — so your secrets and your progress simply never leave the device.
And you don't have to take our word for it.
nonenonenoneoffVerify it yourself.
iOS can show you every network connection an app makes. Turn on App Privacy Report and check KeyRote for yourself — you'll find no network activity to show.
- Open Settings → Privacy & Security → App Privacy Report.
- Turn it on, if it isn't already.
- Use KeyRote as you normally would for a while.
- Come back and look for KeyRote in the report. There's no network activity to list.
Locked behind your device authentication.
Opening KeyRote uses your phone's own authentication — your face, your fingerprint, or your passcode — the same lock that protects the rest of your device. If your phone is locked, your secrets are too. KeyRote never adds a separate password for you to remember; that would just be one more thing to forget.
Your choice, per secret.
When you add a secret, you decide how it's kept. The choice is yours, and you can make a different one for each.