Security Factors Explained
Get a clear understanding of how Cipherwill's encryption works with various security factors, ensuring your digital assets are protected at every step.
What are Security Factors?
Security factors are cryptographic pillars. Instead of relying on vulnerable centralized databases, Cipherwill uses these factors as unique inputs to derive local encryption keys. Your keys unlock the vault, ensuring only you or your designated beneficiaries can decrypt your data.
On-Device Generation
Factors trigger a local key-derivation function. We generate highly secure 256-bit entropy seeds directly in your browser. Our servers never see your password, passkey, or private key.
Supported Factors
Choose from industry-grade authentication devices and decentralized cryptographic vectors.
Master Password
User-generated client passphrase
A secure, user-managed password. We apply intense key-stretching (PBKDF2 with SHA-256) on your local device to generate robust cryptographic locks.
FIDO2 Keys
Hardware cryptographic credential
Industry-standard hardware keys that resist phishing attacks by using asymmetric cryptography tied specifically to our origin hostname.
YubiKeys
Physical authenticator device
Integrate premium hardware authenticators. Decryption keys are unlocked via hardware-bound touch-to-approve user actions.
Device Passkeys
Biometric Hardware Auth
Leverage TouchID, FaceID, or Windows Hello. Generates unique, tamper-proof device credentials that are completely un-phishable.
Web3 Wallets
MetaMask & Ethereum keys
Sign on-device payloads with your Web3 keys. Cipherwill uses standard elliptic curve cryptography to link your decentralized identity securely.
Encryption Status Matrix
The table below maps how your cryptographic protection scales depending on the security factors configured on both your account and your beneficiary's pipeline.
| My Vault Node | Beneficiary Node | End-to-End Result |
|---|---|---|
Unsecured | Unsecured | Data is completely unencrypted across both endpoints. |
Secured | Unsecured | Data is securely encrypted for your vault, but remains unencrypted for your beneficiary's delivery pipeline. |
Unsecured | Secured | Data is unencrypted for your primary access, but securely pre-encrypted for beneficiary delivery. |
Secured | Secured | Full End-to-End Cryptographic Security. Maximum privacy and secure delivery unlocked for both endpoints.Recommended |
Trust should be
mathematical,
not corporate.
We don't believe in security theater or blind faith. From server survivability to data subpoena protection, we have documented every policy in absolute, rigorous detail.
Confronting your deepest concerns.
How does Cipherwill verify my death before providing data to beneficiaries?
DetailsCipherwill releases access to your data based on the will execution timeline and verification of your death or inactivity.
What happens if my beneficiaries aren't tech-savvy? Is there support for them to access the data?
DetailsCipherwill ensures that your beneficiaries, regardless of their tech skills, can easily access your data with minimal effort.
Can my data be accessed or subpoenaed by governments or law enforcement agencies?
DetailsCipherwill ensures that your data is fully protected by encryption and can only be accessed by you or your beneficiaries.
Be ready for tomorrow.
Legacy planning isn't about the end; it's about giving your loved ones complete clarity. Create a secure, automated plan for your digital assets in under three minutes.