Skip to content
VERA
Open VERA

Set up your vault & recovery key

Your vault and recovery key are the two things protecting your encrypted data. Here's what they are, how they work, and how to keep them safe.

What is the vault?

Your VERA vault is the encrypted container that holds everything sensitive: your credentials, your documents, your private keys. It's encrypted on your device using your vault password before anything leaves your machine.

This means VERA's servers never see your unencrypted data. If someone broke into VERA's infrastructure, they'd find encrypted blobs they couldn't read.

Your vault password

Your vault password is not your login password. You use it to unlock your vault after logging in. Think of login as getting through the front door, and the vault password as unlocking the safe inside.

What it does:

  • Encrypts and decrypts your vault contents on your device
  • Is never sent to VERA — it stays local

What it doesn't do:

  • It is not your account login
  • It cannot be reset by VERA if you forget it
No reset option

VERA cannot reset your vault password. If you forget it, your only option is to use your recovery key to regain access. If you've lost both, the data in your vault is permanently inaccessible — this is a feature, not a bug. No one can coerce VERA into decrypting your vault for them.

Your recovery key

Your recovery key is a 12-word phrase generated when you create your account. It is the backup for your vault password.

If you forget your vault password, you can use your recovery key to set a new one and regain access to your vault.

How the recovery key works

VERA uses Shamir Secret Sharing under the hood. Your vault encryption key is mathematically split into multiple shards. Your recovery key lets you reconstruct enough shards to regenerate your vault key.

This is the same technology used by high-security cryptocurrency hardware wallets. The key insight: no single piece of the puzzle gives an attacker your data. They need the combination.

Where to store your recovery key

The best place is a password manager. Good options:

  • 1Password — can store secure notes alongside your passwords
  • Bitwarden — open-source, free tier available
  • iCloud Keychain — convenient but iOS/macOS only
  • Paper, locked in a safe — offline backup, highly secure if physically secure
Avoid these

Don't store your recovery key in: unencrypted notes apps, your email drafts, a screenshot in your camera roll, or a sticky note. Any of these could expose your key to someone with access to your device or account.

What happens if you lose your vault password

  1. On the login screen, click Forgot vault password
  2. Enter your 12-word recovery key
  3. Set a new vault password
  4. VERA will generate a new recovery key — save this immediately
New key, same vault

Resetting your vault password via recovery key generates a new recovery key. Your existing vault contents are preserved — only the key changes. Make sure you save the new recovery key; the old one is invalidated.

Next
Personal vs Organisation account
Last updated 16 April 2026