KeyCrypta Security Policy

Thank you for helping improve the security of KeyCrypta. Our goal is to maintain a 100% offline, cryptographically hardened password management system.

Contact

If you discover a vulnerability or security issue, please report it immediately to:

Email: info@keycrypta.com

Scope

All vulnerabilities or issues affecting the following are in scope:

• KeyCrypta software (Windows)
• Website: keycrypta.com
• Static vault file formats and export logic

Responsible Disclosure

Please allow us reasonable time (max 10 business days) to investigate and address any issue before publicly disclosing it.

We do not offer monetary rewards at this time but publicly acknowledge verified contributions.

PGP encryption is available upon request for secure submissions.

We appreciate your help in making KeyCrypta more secure.

Guidelines

• Do not perform attacks that could disrupt service or data of other users.
• Do not attempt phishing, social engineering, or physical intrusion.
• Do not share information about discovered vulnerabilities outside your report.

Legal

We consider good-faith security research a positive contribution and will not pursue legal action against researchers who follow this policy.

– KeyCrypta Team