Product

A vault built so we can't peek

A deep look at TimeLock: what lives in your vault, how time-locked access works, how sharing keeps keys out of our hands, and why the browser extension is the strongest way to use it.

The vault

Logins, notes, and files — encrypted before we ever see them

Everything in your vault is encrypted in your browser under keys derived from your master password. Content, names, fields, file bytes — the server stores only ciphertext.

  • Logins — username, password, URL, and an optional TOTP seed with live codes shown in-vault
  • Secure notes — long-form text for anything that isn't a login
  • Files & documents — encrypted client-side before upload; the server holds opaque bytes
  • Folders, favorites, trash, and search — all client-side, over data only you can decrypt
  • A password generator, auto-lock, and clipboard auto-clear built in
Scheduled access

Secrets that only open on schedule

The signature feature. Mark an item as openable only during defined windows — outside them a server-held wrap layer keeps it sealed, so it's not a UI rule you can click past. The server's clock is authoritative, and it gates time, never content.

  • Window types: always, daily, weekly, monthly, an absolute date range, or an advanced cron rule
  • A live preview of the next five open windows and a countdown-to-open on every locked item
  • Cryptographically enforced: outside the window even the owner's own client can't decrypt the item
  • Scheduled items need you online during the window — the server participates in every unlock, and every one is audited
Sharing & org vaults

Share a secret without ever sharing it with us

Sharing seals an item's key to the recipient's public key — computed on your device. The server relays sealed boxes it cannot open; it never sees a decryption key.

  • Share individual items with other TimeLock users on Pro and Team
  • Team is billed per seat — org vaults with Owner, Member, and Viewer roles are coming soon
  • Break-glass: an out-of-window emergency request that needs approval and is loudly audited
  • Optional org escrow recovery — opt-in only, and always disclosed to every member
Browser extension

Autofill — and the answer to "can I trust the JavaScript?"

The TimeLock extension (Chrome, Firefox, Edge — Manifest V3) autofills stored logins on matching pages. Because it's packaged and signed through the browser web stores, its code can't be swapped per-request by a server — making it the strongest-assurance way to use TimeLock.

  • Same API, same crypto, same two-stage unlock as the web vault
  • Keys live only in the extension's memory — auto-lock, never persisted to disk
  • Store-signed packaging makes a tampered-client attack detectable and narrow
  • Desktop clients, self-hosting, and a React Native mobile app are on the roadmap
Security & recovery

Layered sign-in, honest recovery

Signing in and unlocking your vault are two different things — and losing your master password has exactly one recovery path, which we make you set up on day one.

  • Passwordless email-code sign-in, with optional TOTP or passkey (WebAuthn) 2FA
  • A separate master-password unlock on top — Argon2id in-browser, keys held only in memory
  • A mandatory Recovery Kit at setup — the only way back from a forgotten master password
  • Lose both, and your data is permanently unrecoverable — by design, and we say so up front

Read the full security page and threat model →

Who uses TimeLock

Built for secrets that deserve rules

From one person's passwords to a team's production credentials.

Individuals

A real password manager — logins, notes, TOTP codes, files — plus guardrails you set for yourself: a savings login that only opens on payday, a wallet seed you can't impulse-check.

Engineers & operators

Keep production credentials openable only during business hours, share on-call secrets without email, and get an append-only audit trail of every unlock — with break-glass for real emergencies.

Teams & orgs

Per-seat team accounts, sharing that never exposes keys to the server, opt-in escrow recovery that's always disclosed to members, and a year of audit retention — with org vaults and roles coming soon.

Ready for a vault that can't be read — even by us?

Start a free trial today. Your master password never leaves your browser, and any secret can be locked to a schedule.