Trust & security

Why Lockrs exists, what it protects, and what you can verify yourself in the repository.

Open sourceLocal-only vaultArgon2idAES-256-GCMzeroizeNo telemetry

Why Lockrs exists

Most password managers I tried were closed source and run by companies I cannot audit.

I built Lockrs to keep the vault local, ship the code in public, and state security claims you can actually check.

Built by St3ix.

With closed source you trust marketing. You cannot see how crypto, logging, or sync are implemented.
Open source does not mean perfect. It means the behavior is visible — and forkable if you disagree.
Lockrs uses Argon2id and AES-256-GCM. The docs and the repo are where those details live.

Master password never stored
Only an Argon2id fingerprint is saved for unlock checks.
Encrypted at rest
AES-256-GCM on every entry. Copy the vault file without the password and it is useless.
Keys cleared from RAM
Lock drops session keys. Panic also clears the clipboard and zeroizes sensitive memory in Rust.
While unlocked
Someone at your keyboard can see what you see. Use Panic.

Panic locks the vault and returns you to the unlock screen — no confirmation step.

It also clears the clipboard and wipes sensitive data from memory so copied passwords do not linger.

Nothing on disk is deleted. You need your master password again, same as after a normal lock.