Secure & Private
Industry standard 256-bit encryption and end-to-end encrypted sync means your data remains secure and private, even from us.
Built With Apple Technologies
As people who use iPhone, iPad, and Mac we designed Minimalist from the ground up to use Apple's latest security technologies:
- Face ID, Touch ID, and Unlock with Apple Watch.
- Apple Keychain for secure storage of cryptographic keys.
- Use of Secure Enclave on Apple Silicon and SoCs.
- Apple's Security framework for generating cryptographically secure random data.
- The Swift Programming Language to minimize runtime errors.
- iCloud for secure and private syncing of end-to-end encrypted data.
As a result Minimalist is super secure, completely private, and really fast.
How Minimalist Secures Your Data
Minimalist uses a combination of Apple technologies, open-source frameworks, industry standards, and security best practices to ensure your data remains secure and private, even from us.
Here's how it works.
Tools & Frameworks
- Apple's Security framework is used to generate cryptographically secure random data.
- The open-source CryptoSwift framework is used for all other cryptographic functions.
- Apple Keychain is used to store cryptographic keys on device.
- Your plain-text Master Password is never stored or synced anywhere. Instead HKDF is used to generate a 256-bit key suitable for encryption.
- This key is securely stored on device in Apple Keychain to enable unlock with Touch ID, Face ID, and Apple Watch.
Encryption, Storage, and Sync
- Your data is encrypted using the ChaCha20 cipher.
- Your data is stored and synced fully encrypted. Decryption is only performed on device in memory after unlock via Touch ID, Face ID, Apple Watch, or Master Password.
- Your data is synced fully encrypted via an iCloud private database.
- Local data is stored encrypted inside a SQLite database which can be inspected on Mac at:
- ~/Library/Group Containers/group.ca.jeffreyfulton.MiniPass/Library/Application Support/RecordStore/Production/recordStore.sqlite
Minimalist syncs exclusively via your iCloud account's private database. Only devices signed into your iCloud account can access this private database. This means your data is completely private, even from us.
Minimalist also uses end-to-end encryption when syncing your passwords. So even if we could access your data, we wouldn't be able to read it because it's encrypted using the Master Password that only you know.
We completely understand. Knowing who to trust in software can be really difficult. A little skepticism is probably a good thing when it comes to protecting our passwords.
The best we can do is gather information, ask questions, and then determine which app developers are worthy of our trust.
So when you are ready, please reach out to us at firstname.lastname@example.org and give us a chance to address your concerns. We'd love to hear from you!
Welcome to Minimalist
Questions? Suggestions? Feedback?
We're on a mission to make Minimalist the best password manager for iPhone, iPad, and Mac. We'd love to hear from you!
Start Loving Your Password Manager Again
Try Minimalist for free with a 10 password limit. No credit card or subscription required. Never expires.