1. Go to [SafekeeperLife registration page]
2. Enter your email and create a password
3. Verify your email address
4. Log in and create your first Safe

Note: Your SafekeeperLife account password is different from your Safe’s master password.

Yes! You can create multiple safes with different configurations:

• Different thresholds
• Different Keyholders
• Different credentials
• Different emergency triggers

Example use cases:

• Personal Safe (family Keyholders)
• Business Safe (colleague Keyholders)
• Separate safes by credential category

You have one account password and one master password per Safe.

Important: Don’t use the same password for both.

Yes, update your email in account settings. However:

• Your Safe designations use specific email addresses
• Changing your account email doesn’t change Keyholder/voter designations
• Keyholders must use the email address they were designated with

No. There is no password recovery mechanism. This is by design for maximum security.

Why?

• Your master password encrypts your credentials
• SafekeeperLife doesn’t store your password or encryption Key
• No one (including SafekeeperLife staff) can decrypt your Safe

What happens:

• Your credentials are permanently unrecoverable
• You must create a new Safe and re-add credentials

Prevention:

• Write down your master password and store securely (physical Safe, Safe deposit box)
• Use a memorable passphrase (e.g., “correct horse battery staple”)
• Don’t reuse passwords from other services
• Consider storing your master password in a different password manager

Not directly. To change a Safe’s master password:

1. Unlock the Safe (using old password)
2. View/export all credentials
3. Remove the old Safe
4. Create a new Safe with new master password
5. Re-add credentials
6. Lock and seal the new Safe

Note: This regenerates and redistributes Keys to Keyholders.

Yes. SafekeeperLife uses industry-standard encryption:

Encryption Details:

• AES-256-GCM for credential encryption
• PBKDF2 for password-based Key derivation (100,000+ iterations)
• Shamir’s Secret Sharing for Key splitting (k-of-n threshold)
• End-to-end encryption (we can’t see your credentials)

Security Audits:

• Comprehensive security audit completed (2025-10-28)
• Static analysis (Sobelow, Dialyzer, Credo) passes
• Property-based cryptographic testing
• See Security Audit Documentation

No. We use end-to-end encryption. Your credentials are encrypted with your master password, which we never see or store.

What we can see:

• Your account email
• Safe metadata (created date, status, number of credentials)
• Keyholder email addresses

What we CANNOT see:

• Your master password
• Your credentials (usernames, passwords, notes)
• Your encryption Key

There’s no hard limit, but we recommend:

• Practical limit: 10-50 credentials per Safe
• Performance: Safes with 100+ credentials may be slower
• Organization: Consider multiple safes for better organization

Tip: Use a password manager (1Password, KeePassXC) and store just the master password in SafekeeperLife.

Yes, but you must unlock first:

1. Navigate to the Safe
2. Click “Unlock Safe”
3. Enter your master password
4. Edit credentials
5. Lock again

After sealing: You cannot unlock a sealed Safe with your password alone. You’d need Keyholders to reveal.

No. Deletion is permanent. There’s no undo or recovery.

Prevention:

• Be careful when deleting
• Export/backup credentials before deleting
• Use “Notes” to mark credentials as “Obsolete” instead of deleting if unsure

Not currently. You must add credentials manually using the UI.

Workaround:

• Copy-paste from spreadsheet (one field at a time)
• Use credential templates for structured data entry

Future feature: Bulk import may be added later.

Yes, from an unlocked Safe:

1. Navigate to the Safe (must be unlocked)
2. Click “Export Credentials” (if available)
3. Choose format (CSV, JSON, encrypted)
4. Download the file

Security note: Exported files are not encrypted (unless you choose encrypted export). Store securely.

Minimum: Equal to your threshold (e.g., threshold=2, designate 2 Keyholders)

Recommended: Add spare Keyholders (e.g., threshold=2, designate 3-4 Keyholders)

Why spares:

• Redundancy if one Keyholder loses their Key
• Availability if one Keyholder is unreachable
• Flexibility in coordination

Example:

• Threshold: 2
• Keyholders: 4 (spouse, sibling, best friend, trusted colleague)
• Any 2 of 4 can reveal

Short answer: No, not easily.

Long answer: After sealing, Keys are distributed. To change Keyholders:

Option 1: Reveal and Re-Create

1. Coordinate with current Keyholders to reveal
2. View/export credentials
3. Remove the Safe
4. Create new Safe with updated Keyholder list
5. Seal with new Keyholders

Option 2: Create New Safe

1. Leave old Safe sealed (with old Keyholders)
2. Create new Safe with updated Keyholders
3. Add credentials to new Safe
4. Seal new Safe

Before sealing: You can freely add/remove Keyholders.

Before sealing:

• Remove them from the Keyholder list
• Add a different Keyholder

After sealing:

• If you have spare Keyholders (more than threshold), others can proceed without them
• If not, you may need to create a new Safe with different Keyholders

Example:

• Threshold: 2
• Keyholders: 4
• One declines: Still have 3 remaining, any 2 can reveal

No. Keyholders receive Key files, but a single Key reveals nothing. They need:

1. Safe to be sealed
2. A trigger condition to be met
3. Threshold (k) Keyholders to upload Keys together

Only then are credentials decrypted and visible.

During designation: No. You can designate anyone by email.

During reveal: Yes. Keyholders must register/login to upload their Key files.

Workflow:

1. You designate jane@example.com (she doesn’t need an account yet)
2. You seal the Safe → Jane receives Key via email
3. Trigger fires → Jane needs to register with jane@example.com
4. Jane logs in and uploads her Key

Safes move through different states:

1. Unlocked - Edit credentials
2. Locked - Encrypted, can’t edit
3. Sealed - Keys distributed, waiting for reveal
4. Revealed - Keyholders unlocked it
5. Removed - Deleted

See Understanding Safe States for details.

Credentials are encrypted when locked. To edit, unlock first (enter master password).

Analogy: You can’t put items in a locked Safe without opening it first.

The encryption Key has been split into shares (using Shamir’s Secret Sharing). Your password alone can’t reconstruct the Key—you need Keyholders to upload their Keys.

Cryptographic explanation:

• Lock: Password → Encryption Key → Encrypt Credentials
• Seal: Encryption Key → Split into Shares → Distribute to Keyholders
• You no longer have the full Key (Keyholders have the pieces)

No built-in test mode, but you can create a test Safe:

1. Create a new Safe with dummy credentials
2. Designate Keyholders (same people or test emails)
3. Configure a trigger (e.g., scheduled trigger with a near-future date)
4. Lock the Safe and let the trigger seal it
5. Practice the reveal process
6. Verify Keyholders can upload Keys and view credentials
7. Remove the test Safe after verifying

Best practice: Always test before relying on your production Safe.

Your Safe remains in locked state:

• Credentials are encrypted
• You can unlock anytime with your password
• Keyholders have NOT received Keys
• No reveal process can occur

When to seal:

• When you’ve finalized all credentials
• When Keyholders are correctly designated
• When you’re ready for emergency access to be possible

When NOT to seal:

• Credentials change frequently (keep locked, not sealed)
• Still adding/removing Keyholders
• Testing the setup

Reveal occurs when:

1. A trigger condition is met (inactivity, attestation, or scheduled)
2. Threshold (k) Keyholders upload their Keys

Trigger types:

• Inactivity: You haven’t logged in for X days + grace period
• Attestation: M Voters attest you’re deceased
• Scheduled: A specific date is reached

Yes. Once a trigger has sealed your Safe, you can coordinate with your Keyholders to upload their Keys and reveal the credentials.

Use cases:

• Recovering credentials after losing master password
• Changing Keyholders (reveal → remove → create new)

If Keyholders can’t reach threshold:

• Scenario: Threshold=2, only 1 Keyholder uploads Key
• Result: Safe remains sealed, credentials not accessible
• Solution: Contact other Keyholders, ensure they upload Keys

Prevention:

• Designate more Keyholders than threshold (spare Keyholders)
• Choose reliable, reachable Keyholders
• Test the reveal process before relying on it

No. Once Keyholders start uploading Keys, you cannot stop them.

Why: The reveal process is designed for emergencies where you may be unavailable.

Prevention:

• Choose trustworthy Keyholders
• Clear trigger conditions (don’t make them too sensitive)
• Communicate with Keyholders about when reveal is appropriate

Emergency triggers automatically seal your Safe (allow reveal) when specific conditions are met:

See Emergency Triggers User Guide for details.

You must configure at least one trigger before locking your Safe.

Recommendation:

• Start with inactivity trigger for long-term absence protection
• Add attestation if you have trustworthy contacts who would know of your death
• Add scheduled for age-based triggers

Limited. If you’ve enabled triggers with pre-encrypted shares, you cannot change:

• Number of Keyholders
• Threshold
• Trigger enable/disable

You CAN change:

• Inactivity days (within limits)
• Attestation vote count (within limits)
• Scheduled date (within limits)

Why restrictions: Pre-encrypted shares are generated during lock. Structural changes invalidate them.

Your credentials remain recoverable. SafekeeperLife maintains database backups, and your Keyholders already have their Key files. If the service shuts down:

1. You (or your designated recipients) will receive a Safe export file – a portable file extracted from our database containing your encrypted credentials
2. You will receive the Safe Recovery Tool – an open-source application that decrypts your credentials offline

Recovery depends on your Safe’s state:

Important: No data is lost. No keys are needed from SafekeeperLife. Everything required for recovery is already in your possession (your password or your Keyholders’ Key files).

For full details, see the Data Continuity Guide.

Yes. Key files (the QR code PNGs) are essential for recovering a sealed Safe. Keyholders should:

• Store the original PNG file in a secure location (encrypted drive, password manager, physical safe)
• Never modify, screenshot, or re-save the PNG – the cryptographic data is embedded in the file’s metadata
• Keep the file accessible for as long as the Safe exists

Troubleshooting:

1. Check your internet connection
2. Try a different browser (Chrome, Firefox, Safari)
3. Clear browser cache and cookies
4. Try incognito/private browsing mode
5. Check [status page] for outages

Possible causes:

1. Wrong password

   • Try resetting your account password (not master password)
   • Check Caps Lock, keyboard layout

2. Unverified email

   • Check your email for verification link
   • Resend verification email

3. Account locked

   • Too many failed login attempts
   • Wait 15 minutes or contact support

Troubleshooting:

1. Wrong file selected

   • Ensure you’re uploading the .Key file (not a different file)
   • Check file extension

2. Wrong email address

   • You must be logged in with the email address you were designated with
   • If you registered with a different email, ask safekeeper to update

3. File corrupted

   • Download the Key from the email again
   • Verify file size (should be a few KB, not 0 bytes)

4. Browser issue

   • Try a different browser
   • Try disabling browser extensions

Possible causes:

1. Required fields empty

   • Check for red validation errors
   • Fill in all required fields (marked with *)

2. Password field too long

   • Limit: ~10,000 characters per field
   • Use shorter passwords or split into multiple credentials

3. Network error

   • Check internet connection
   • Try again

Pricing model:

• Base Safe: One-time purchase (includes threshold Keys)
• Spare Keys: Optional purchase (additional redundancy)

Example pricing (hypothetical):

• Threshold 2: $X (includes 2 Keys)
• Add 1 spare Key: $Y per Key
• Total: 3 Keys for $X + $Y

Check current pricing on [pricing page].

Refund policy:

• Within 30 days of purchase (if not used)
• Contact support with purchase details

No refunds after:

• Safe has been sealed (Keys distributed)
• Safe has been revealed

Account suspension:

• You cannot create new safes
• Existing safes remain accessible (read-only)

No deletions:

• Your safes are never deleted for non-payment
• You can always access sealed safes via reveal process

SafekeeperLife uses one-time purchases, not subscriptions. No recurring payments.

If you no longer want a Safe:

• Remove the Safe (if revealed)
• Contact support to close your account

Possible causes:

1. Wrong account

   • Verify you’re logged in with the correct email
   • You may have multiple accounts

2. Safe was removed

   • Check if you (or a Keyholder) removed the Safe after reveal

3. Filter issue

   • Check if you’re filtering by status (e.g., only showing “Locked” safes)

4. Data issue

   • Contact support with your account email and Safe details

Possible causes:

1. Safe not locked

   • Your Safe must be locked before triggers can seal it

2. Trigger conditions not met

   • Inactivity: The inactivity period plus grace period hasn’t elapsed yet
   • Attestation: Not enough Voters have attested yet
   • Scheduled: The scheduled date hasn’t arrived yet

3. Not enough Keyholders

   • You need at least threshold number of Keyholders designated
   • Example: Threshold=2 requires at least 2 Keyholders

4. Triggers not configured

   • Ensure you configured at least one trigger before locking

Troubleshooting:

1. Check spam/junk folders

   • Emails may be filtered

2. Wrong email addresses

   • Verify email addresses are correct
   • Check for typos

3. Email blocked

   • Some corporate email systems block automated emails
   • Try personal email addresses

4. Email delay

   • Wait 5-10 minutes
   • Emails may be queued

5. Re-seal

   • Unseal (if possible) or reveal, then create new Safe
   • Redistributes Keys