Accounts are optional. They unlock API keys, SSL-expiry monitoring, domain parking and saved preferences.
Zero-knowledge by design
Your password is also your encryption key. When you sign up, your data is encrypted in your browser before it ever reaches us — we store only ciphertext and never see your password. That’s why a normal “email me a reset link” flow doesn’t exist.
Your recovery key
At sign-up you’re shown a one-time recovery key. It’s the only way back into your account if you forget your password — store it somewhere safe. We can’t recover it for you, by design. Use it on the reset page to set a new password; your data is re-encrypted in your browser.
Changing your password
Settings → Change password re-wraps your keys in the browser under the new password (your data isn’t re-encrypted and nothing is sent in the clear). For security you’re signed out everywhere afterward and asked to sign in again.
What’s encrypted how
- Personal data (your keys/vault) is zero-knowledge — only you can decrypt it.
- Operational data the service must read to do its job (e.g. the hostnames you monitor) is encrypted at rest with a server-held key. Honest encryption-at-rest, not zero-knowledge.