How it works Pricing Security Help About Log in Start free trial
End-to-end encrypted

Built so we can't read your vault, even if we wanted to.

The most private information in your life deserves the strongest protection we can give it.

The honest version

What we can see, and what we can't.

Every product talks about security. Few are this specific. Here's exactly what IvorySafe has access to, and what it doesn't.

What we can see

The basics, to run your account.

The information we need to run your account and reach the people you designate. Nothing from inside your vault.

  • Your name and email
  • Your phone number, used to verify it's you when you log in
  • Your subscription status, handled by Stripe
  • When you logged in, from what device
  • The emergency contacts you add, including their name, email, and phone, which we use to reach them
  • The emails and texts we send for and to you, like the invitation an emergency contact receives when you add them
  • Which sections you've started or completed, but never what's inside them
What we can't see

Anything inside your vault.

Your vault is encrypted on your device before it reaches us. We store it, but it stays unreadable to us. Just an encrypted block of data without the key.

  • Your account password, the key that unlocks your vault, which never leaves your device
  • Account numbers, passwords, or PINs
  • Documents, files, or photos you've uploaded
  • Information about your family, home, or finances
  • Anything written, uploaded, or saved inside the app
How end-to-end encryption works

Encrypted before it leaves your device.

"End-to-end" sounds technical, but the idea is simple. Your vault is locked on your device, travels locked, and stays locked on our servers. Only your password can open it.

1

Locked on your device

When you add information to your vault, it's encrypted right there, on your laptop or phone, before it ever leaves you.

2

Travels locked

The encrypted vault is sent to our servers and stored as we received it. We never see the unlocked version, because we never have it.

3

Only you hold the key

Your password is the key. We don't store it, we don't have a copy, and we can't reset it. That's the trade-off, and it's the point.

The full picture

Four things we got right from day one.

We built IvorySafe knowing it would hold the most sensitive information in your life. These principles were not bolted on later.

True end-to-end encryption

Your vault is encrypted on your device before it reaches us. Encrypted in transit, encrypted at rest, and unreadable to anyone without your password, including us.

Built to SOC 2 standards

Hosted on Digital Ocean with AWS for encrypted storage and backups. We follow SOC 2 standards from day one.

Digital Ocean + AWS S3

Multi-factor authentication

Every login is verified by a one-time code sent to your phone. You can choose to trust a device for 30 days at a time, so you're not entering a code every visit.

Emergency contacts you control

You decide who can access your vault if something happens, and you set how long IvorySafe waits before releasing it. Anywhere from 6 hours to 2 weeks, per person.

In the unlikely event

What happens if there's a security incident.

No company can promise nothing will ever go wrong. But because of how IvorySafe is built, the worst-case scenario for our servers is not the worst-case scenario for your vault.

If our servers were breached tomorrow, the attacker would have a pile of encrypted data they couldn't read. Not the data itself. Not the passwords. Just locked files with no key.

  • We would notify affected users promptly, with clear next steps.
  • We would explain what we know, what we don't, and what we're doing.
  • Vault contents would remain encrypted and unreadable to anyone without your password.
Working together

What we handle, and what's on you.

End-to-end encryption is powerful, but it shifts some responsibility back to you. Here's the honest split.

On our side

What we handle

  • Encrypting your vault Before it leaves your device, automatically.
  • Secure infrastructure Digital Ocean hosting with AWS S3 for encrypted storage, built to SOC 2 standards.
  • Multi-factor authentication Every login is verified with a one-time code, with the option to trust a device for 30 days.
  • Honest reporting If something happens, you'll hear from us first, clearly.
On your side

What's up to you

  • Choosing a strong password This is the one key. A password manager is the best way to store it.
  • Keeping that password somewhere safe We can't recover it for you. If you lose it, the vault is gone.
  • Picking emergency contacts thoughtfully Choose people you trust completely, and set timeframes you're comfortable with.
  • Holding onto your login phone number The number you verify at signup is required for every login, so keep access to it.
Security questions

The honest answers.

If you can't read my vault, how do I log in?
Two separate systems are doing the work here, and they don't overlap. One verifies your identity: we text a one-time code to your phone to confirm it's your account, and that code has nothing to do with encryption. The other is your password, which is the real key to your vault. It's entered on your device, never sent to us, and it's what decrypts your data locally, where only you can read it.
What happens if I forget my password?
Because IvorySafe is truly end-to-end encrypted, even we can't recover your password. That's what makes it secure, and it's also the trade-off. The best defense is using a trusted password manager, or keeping your password somewhere physically secure that you'll always be able to access.
Could a court order force you to hand over my vault?
We can be compelled to hand over what we have, which is encrypted data and the account basics listed above. We can't be compelled to hand over the vault contents because we don't have them in a readable form. Only your password can decrypt them, and we don't have your password.
Where is my data physically stored?
Your encrypted vault data is stored on AWS S3. Our application runs on Digital Ocean infrastructure. Both providers have data centers in the United States with full redundancy and physical security. Because everything is encrypted on your device before it leaves it, the storage provider sees only encrypted data.
What does "built to SOC 2 standards" mean?
SOC 2 is a security framework that companies handling sensitive data are expected to follow. We've built IvorySafe to those standards from day one, applying the same controls and practices a SOC 2 audit would look for.
Can I trust a device and skip the verification code?
Yes. When you log in, you can choose to trust the device you're on for 30 days. During that window, you won't need to enter a verification code on that device. After 30 days, you'll be asked to verify again.

Give your family what they'll need.

So that one of the hardest moments of their lives doesn't also become the most chaotic.

From $4.92/month · Cancel anytime · End-to-end encrypted