Create a ticket
Sign in Sign up
Locker support Locker support

No results found.

Home Locker Whitepaper

Locker Whitepaper

Get to know the security designed for Lockers’ products.

Secure Your Data with Locker

Secure Your Data with Locker: Protect What Matters Most.

Learn More

The main security principles of Locker.

What is Locker Password Manager?

Locker Password Manager (also referred to as Locker) is a cross-platform password management solution: Locker can be used as a Web, Mobile, Browser Extension, and Desktop application.

Main Security Principles

Trusted Data Access: We make sure you can reliably and securely manage and access your confidential data whenever and wherever you need it, whether you are offline or online.

Security Fundamentals

Encryption algorithms and protocols used in the development of Locker.

Two-secret Key Derivation

To ensure the keys stored on the Locker servers can be used only by their owners, Locker applies the two-secret key derivation in symmetric key generation for encryption and decryption of data stored on the servers.

Hash Function

A cryptographic hash function is an algorithm that maps data of an arbitrary size to a bit array of a fixed size.

Master Password

The Master Password is an important secret component in Locker’s Two-secret Key Derivation process, and is the only item a user needs to memorize for data encryption and decryption.

Encryption Keys

The other component of the Two-secret Key Derivation is the Encryption Keys, generated when a user registers a Locker account.

End-to-end Encryption

A system with End-To-End Encryption is a communication system in which all data can be read and modified only by the conversation participants.

Zero-knowledge Encryption

Zero-Knowledge Proof is a method for one party (the prover) to prove to another party (the verifier) that a statement of the prover is true without telling the verifier that statement.

AES-256-CBC Encryption

AES-256-CBC (Cipher Block Chaining), the algorithm used to encrypt Vault, is a standard cryptographic algorithm and is used by the US government and other government agencies worldwide.

Password-based Key Derivation Function 2

The PBKDF2 (Password-based Key Derivation Function 2) SHA-256 algorithm is for generating Encryption Keys from a user’s Master Password.

RSA Encryption

An RSA key pair consists of a Private Key and a Public Key. The RSA algorithm is often used for digital signature verification and key exchange problems.


The secret data storage or Vault is where all encrypted data of users is stored on the Locker servers. All of the Vault data cannot be decrypted or read without the Vault owner’s Master Password.

Cryptographically Secure Pseudorandom Number Generator

A pseudorandom number generator (PRNG) is an algorithm for generating a sequence of numbers whose properties approximate those of a sequence of random numbers.

Encryption and Decryption

Everything about Encryption and Decryption in Locker.

Account Registration

Registering a Locker account needs 2 main steps: Sign up for a Locker account and Create a Master Password.

Account Authentication

Similar to Account Registration, Account Authentication involves 2 steps: Authenticate the Locker account and Authenticate the Master Password.

Data Encryption

Locker uses the AES-256-CBC Encryption algorithm to encrypt Vault and uses the Password-based Key Derivation Function 2 algorithm to generate encryption keys for the AES-256-CBC Encryption.

Data Decryption

User data in the Vault has been fully encrypted before being saved to the Locker database. The data will be decrypted only at the Locker Client for users to access and view.

Data Sharing

The security principles of data sharing in organizations.


In addition to offering users an option of managing their confidential data with the Vault and security keys, Locker enables users to create Organizations or User Groups for sharing confidential data among group members.

Organization Initialization

When a Locker user initiates an Organization to share data, the following actions are performed: The Client generates an Org Symmetric Key encryption key for the Organization using the Cryptographically Secure Pseudorandom Number Generator.

Organization Data Sharing

One purpose of Organization Initialization in Locker is to share data among group members.

Locker Whitepaper

Get to know the security designed for Lockers’ products.


Locker uses cloud services from some of the world’s leading providers for its infrastructure. These suppliers all have to meet minimum industry standards.

Security for Locker

Product Security is paramount to Locker before we bring the product to users. We believe that securing a product is not a one-time event but a continuous process.

Join Our Community