About FortiKey
What is FortiKey?
FortiKey is a modern, high-security password management platform designed around the principle of Zero-Knowledge Architecture.
Unlike traditional applications where the server stores and manages your passwords, FortiKey forces all encryption and decryption to occur directly on your local device. The server only receives and synchronizes completely unreadable, randomized jumbles of data.
The Master Password - The only key
With extreme privacy comes extreme responsibility. Your Master Password is the absolute only key that can decrypt your vault. It is never transmitted to us. We will never know it.
- If you forget it, your data is gone forever.
- There is no "Forgot Password" capability.
- Even the system administrators cannot unlock your vault.
Recommendation: Write your Master Password on a physical piece of paper and lock it in a safe place, or memorize a long Passphrase.
How it works under the hood
When you unlock your vault, FortiKey runs millions of cryptographic hashing cycles natively in your browser using PBKDF2 to derive your true AES-256-GCM encryption key from your Master Password.
Whenever you create or modify a password item, it is encrypted and sealed locally before taking flight over the network to be safely synchronized. Anyone intercepting the database, including the developers, gets absolutely nothing useful.