Secure & Private

Industry standard 256-bit encryption and end-to-end encrypted sync means your data remains secure and private, even from us.

Built With Apple Technologies

As people who use iPhone, iPad, and Mac we designed Minimalist from the ground up to use Apple's latest security technologies:

• Face ID, Touch ID, and Unlock with Apple Watch.
• Secure Enclave and Apple Keychain for secure storage of cryptographic keys.
• Apple's Security framework for generating cryptographically secure random data.
• Apple's CryptoKit framework for performing cryptographic functions.
• The Swift Programming Language to minimize runtime errors.
• iCloud for secure and private syncing of end-to-end encrypted data.

As a result Minimalist is super secure, completely private, and really fast.

How Minimalist Secures Your Data

Minimalist uses a combination of Apple technologies, industry standards, and security best practices to ensure your data remains secure and private, even from us.

Here's how it works:

Tools & Frameworks

• Apple's Security framework is used to generate cryptographically secure random data.
• Apple's CryptoKit framework is used to perform all cryptographic functions.
• Secure Enclave and Apple Keychain is used to securely store cryptographic keys on device.

Master Password

• Your plain-text Master Password is never stored or synced anywhere. Instead HKDF is used to generate a 256-bit key suitable for encryption.
• This key is encrypted using the Secure Enclave (where available), then securely stored on device in Apple Keychain in order to enable unlock with Touch ID, Face ID, and Apple Watch.

Encryption, Storage, and Sync

• Your data is encrypted using the ChaCha20-Poly1305 cipher.
• Your data is stored and synced fully encrypted. Decryption is only performed on device in memory after unlock via Touch ID, Face ID, Apple Watch, or Master Password.
• Your data is synced fully encrypted via an iCloud private database.
• Local data is stored encrypted inside a SQLite database which can be inspected on Mac at:
  • ~/Library/Group Containers/group.ca.jeffreyfulton.MiniPass/Library/Application Support/RecordStore/Production/recordStore.sqlite

Completely Private

Minimalist syncs exclusively via your iCloud account's private database. Only devices signed into your iCloud account can access this private database. This means your data is completely private, even from us.

Minimalist also uses end-to-end encryption when syncing your passwords. So even if we could access your data, we wouldn't be able to read it because it's encrypted using the Master Password that only you know.

Still Unsure?

We completely understand. Knowing who to trust in software can be really difficult. A little skepticism is probably a good thing when it comes to protecting our passwords.

The best we can do is gather information, ask questions, and then determine which app developers are worthy of our trust.

So when you are ready, please reach out to us at hello@minimalistpassword.com and give us a chance to address your concerns. We'd love to hear from you!