|
|
|
|
|
|
by LelouBil
1254 days ago
|
|
|
They have a paper about their architecture. Basically, your master password is never sent, and everything is encrypted and decrypted locally. You can't audit the server side code, but you can audit the client (and compile it from source) to make sure that the encryption is local and the master password is not sent. |
|
|