Skip to content
KeyRote
Back to overview

Security & privacy

How KeyRote protects your secrets.

KeyRote only works if you trust it with the things you most need to remember. So it is built to hold as little as possible, keep it where you can see it, and let you decide how much of it can ever be read back. Here is exactly how.

Stored only on your device

Your secrets never leave your iPhone. There is no cloud copy, no sync, and no backup of them on anyone else’s servers — including ours.

Locked behind your phone

KeyRote opens with your phone’s own device authentication — your biometrics or passcode. The same lock that protects the rest of your phone protects what’s inside KeyRote.

Your choice, per secret

For each secret you decide how it is kept. Recoverable retention lets KeyRote show hints and reveals. One-way, hashed retention stores only a fingerprint of the secret — enough to check your answer, but impossible to read back. Not even KeyRote can recover it.

Under the hood

Two halves, deliberately kept apart.

Every secret you add is split across two separate stores on your device, and neither one names the other.

iOS Keychain

The secret itself

The password or code lives in the iOS Keychain — the same hardware-backed store iOS uses for its own credentials. KeyRote never keeps the secret anywhere else.

id · a1f3…e7
On-device database

Everything else

The name, the date you added it, how your reviews are going — all of it lives in a separate on-device database, with no copy of the secret in sight.

id · 9c20…b4

The two are linked only by KeyRote, running on your unlocked phone. The metadata carries its own identifier; the keychain entry carries a different, independent one. On their own, the metadata can't reveal a secret, and a stray keychain value can't be tied back to what it's for. Pull either half out of context and it tells you nothing.

No network needed

It works fully offline.

KeyRote does its whole job without a network. There's no account to create, nothing to sign in to, and no server for it to talk to. Your secrets, your schedule, and your progress all stay on your device — turn on airplane mode and nothing about the app changes.

And you don't have to take our word for it. iOS keeps its own record of which apps reach out to the network, and you can read it yourself:

  1. 1 Open Settings on your iPhone.
  2. 2 Go to Privacy & Security.
  3. 3 Tap App Privacy Report.
  4. 4 Find KeyRote — you'll see it has contacted no domains at all.

That's the whole arrangement.

Held on your device, locked behind your phone, and only as recoverable as you ask it to be. Now go learn your secrets by heart.