Frequently asked questions

No. Your vault is encrypted on your device using AES-256-GCM before anything leaves your browser. The encryption key is derived from your master password locally — we never receive it. What we store is ciphertext that is mathematically unreadable without your key. Not even us.

Your vault becomes permanently inaccessible. This is an unavoidable consequence of zero-knowledge encryption — because we cannot decrypt your vault, we also cannot recover it. We strongly recommend storing your master password somewhere safe offline, such as written down and locked away.

We use a technique called k-anonymity via Have I Been Pwned. Your password is hashed locally, and only the first 5 characters of that hash are sent to the API. The API returns all hashes matching those 5 characters, and we check for a match entirely on your device. Your actual password never leaves the browser.

If we ever discontinue the service, you will receive at least 90 days notice with full ability to export your vault data. You can export at any time from the vault settings — we will never lock you in. Your data is yours.

Not yet. HexVault is currently in early access and a formal third-party security audit is planned before public launch. In the meantime, the architecture is fully documented on our security page. We believe in transparency over marketing claims.

Yes. Encrypted vault data is backed up automatically. The backups are also encrypted — because we only ever store ciphertext, the backups are as secure as the live data. We also recommend using the vault export feature periodically as your own personal backup.

Yes — HexVault supports import from Bitwarden, 1Password, LastPass, Chrome, Firefox, Edge, Safari, KeePass, and Dashlane. Go to Settings → Data → Import Passwords inside the vault.

HexGuard is HexVault's built-in AI security engine. It continuously analyses your vault, scores every password, identifies breach exposure, flags reuse, and fixes issues with a single action. It explains everything in plain English. Available on Pro, Family, Team, and Enterprise plans.

HexVault has five tiers: Personal (£3.99/mo), Pro (£6.99/mo), Family (£9.99/mo, up to 6 members), Team (£8.99/seat/mo, up to 50 members), and Enterprise (custom pricing). All plans include a 14-day free trial. See the pricing page for a full feature comparison.

HexVault is hosted in the United Kingdom and European Economic Area. All data is subject to UK GDPR and the Data Protection Act 2018. We are registered in England and Wales. See our sub-processors page for a full list of infrastructure providers.