Does Private.Ki store my password?
No – Private.Ki does not store your password.
When you create an account and log in, we use strong encryption and protocols (such as the OPAQUE login protocol) to avoid ever seeing your raw password. Private.Ki’s servers never keep your plaintext password on disk or in memory.
Instead, we only store a cryptographic representation of your password that’s generated during the secure login process.
In practical terms, this means that even if someone gained access to our user database, they would not find actual passwords there, nor even a password hash, which could be recoverable.
One consequence of this design is that if you forget your password, we cannot simply “remind” you of it or look it up – we don’t have it. Account recovery therefore involves resetting the password (after verifying your identity through other means) rather than retrieving the old one.
By the way, we also never store your passphrase.