SecureSafe has made it top priority to ensure the maximum possible security and confidentiality of your data. SecureSafe itself is not able to view your data at any time. For further information about the security measures behind SecureSafe, please see Security.

SecureSafe is a highly secure online storage of your important documents and passwords. What is more, SecureSafe allows you to specify who is to be given access to which data, later on, as beneficiaries. Take the following steps to do this:

• Store your documents in the SecureSafe safe (upload), and enter the important user names / passwords.
• Specify who the beneficiaries are, that means the persons who are to receive data later on.
• Assign data to the beneficiaries. Who is to be given which documents and passwords.
• Print out what is referred to as the activation code. This is the code which will be used to start the data inheritance, built-in DataInherit-function.
• Designate one or more trusted persons, to whom you hand over the printed activation code.
• As a safety measure print out the recovery code. You will need this if you ever happen to forget the user name/password of your SecureSafe account. (SecureSafe has no access at all to the data or passwords, and cannot do anything for you without this recovery code should you no longer have any access).
• Turn on the data inheritance.

The business model of SecureSafe is "Freemium" (Free and Pro). Although many of our users have a free SecureSafe account, customers can also purchase one of our premium packages if they would like to receive more functionality such as increased data storage etc. Essentially, we rely on paying customers, but we also offer a fully comprehensive highly secure basic service to customers who may eventually upgrade to one of our paid for accounts. Our customers can also keep their free account for life.

The login recovery code allows you to gain access to your account, if you have, for example, forgotten your username or password. You will find detailed information under “Questions about resetting the account”. SecureSafe has no access at all to your data or passwords. SecureSafe can not reset your password. Without the recovery code and with out valid username-password combination, you will need to create a new data safe. You find your recovery when you are logged into your account, under "My Account" -> "Recovery". You can use the recovery code under https://www.securesafe.com/recover

You will find detailed information under “Questions about resetting the account”.

The activation code is a PDF document (usually printed out on a sheet of paper), which contains the 36-figure code. If someone enters this activation code on the SecureSafe homepage, this starts the data inheritance process. (If it is an erroneous activation the account holder can stop the data inheritance from taking place).

Instructions for clearing your browser cache: http://www.wikihow.com/Clear-Your-Browser's-Cache

Secure Safe is available on various devices and platforms. You do not have different SecureSafe accounts, but can use SecureSafe with a single username and password on all devices and apps. This not only simplifies password management, but also makes sure that you can access all your important data at any time everywhere. Secure Safe is currently available on the following devices and platforms:

• PC / Mac: Use our web application
• iOS (iPad, iPhone, iPod): Use our iOS app from the Apple App Store
• Android (Phone and Tablet): Use our Android app from Google Play

SecureSafe needs your email address to be able to contact you in case the data-inheritance process was activated by one of your trust-persons on your account and send you an update email once or twice per year, where the new features are announced.

SecureSafe needs your mobile number to be able to contact you in case the data-inheritance process was activated by one of your trust-persons on your account and to send you authentication codes via text message (in case you chose the corresponding authentication method).

If you are no longer able to log in to SecureSafe, your recovery code is absolutely the only way you can access your account again. SecureSafe is unable to see any of your data or even password. For this reason it is also completely impossible for SecureSafe to help you to log in if you have neither the password nor the recovery code.

If you only forgot your username SecureSafe personel can possibly help you in case you have registered your email address or your mobile number.

If you have forgotten the username please contact support (at) SecureSafe.com, from the same email address that you have used when registering the account.

Besides the normal method of authentication with a user name/password, SecureSafe offers another variant, which provides even greater security. With this method, after entering the user name and password for logging in, a short SMS is sent to your mobile phone. You need this code in order to identify yourself.

Even if someone finds out your user name and your password, he would not be able to get at your data because he does not have access to your mobile telephone.

If you select “My Account” in the top right-hand corner of the application, you can switch on this variant under the “Login&Password” tab. Please make sure, that you have also selected the country where the phone is registered.

If you do not receive an SMS this can be for one of several reasons:

• You have lost (or temporarily do not have access to) your phone
• You have chosen the normal log-in variant without additional SMS authentication.
• Wait for a while. Depending on the telephone provider and country it may take a bit longer for the SMS to arrive.
• You are in a region or a room where there is no signal reception. Check whether your mobile phone is receiving a signal.
• You have entered an incorrect mobile phone number.
• Try again to get a signal at another time later on or from a different location.

If you are no longer able to dial in despite trying several times from different locations, then you will have to reset your account using the recovery code in order to regain full access. Further information under “Questions About Resetting the Account”.

If you have selected the variant with authentication by user name/password and SMS, and you have no reception on your mobile, then you have to try again to get a signal from another location or, if that does not work, reset your account by using the recovery code. Further information on this under “Questions About Resetting the Account”.

In your SecureSafe account you will find at the top right-hand corner the “My Account” panel. Under the “Login&Password” tab you can choose how you would like to log in. Please make sure you select the country where the phone is registered as well.

Account owners can delete their own account, by logging in, opening the "My Account" dialog, choosing the tab "My Account" and pressing the button "Delete Account". If you forgot your password, send an email to "support (at) SecureSafe.com" with a body text that requests the account deletion and mentions your username.

Let us assume you want to upgrade your "Password Safe Free" account into a "Password Safe Premium" account:

• On your PC / Mac  go to   www.SecureSafe.com/mylogin 
• Login using your SecureSafe uid/pw 
• Click on "My Account" (in the upper right corner)
• Select the tab "Upgrade"
• A dialog will appear that lets you choose the desired account type
• Click on the "Upgrade" button and you will be guided to the payment system. 

Please note that you have to click on the "upgrade" button before closing the whole dialog with "Save".

With the browser on your PC/Mac visit the website https://www.securesafe.com/recover and enter the recovery code. After the correct entry, the system will disable the 2 factor (text message based mTAN) authentication until you switch it on again manually in the security settings).

Let us assume that today you subscribe for a 1 year silver account:

• in 11 months from here (meaning 1 month before end of subscription) you will be notified each time you login that your subscription is going to expire
• after the login you will also see that the account status indicator shows a warning flag
• additionally, we will remind you of the upcoming account expiration by e-mail
• after the account has expired you can at login time renew the account but you cannot use the account anymore (until you renewed)
• your credit card will NOT be automatically charged

By clicking into the table column headings you can sort the table alphabetically along the corresponding column. Further sorting/categorization mechanisms will follow in the near future. If you have further questions/suggestions please send an email to: support (at) SecureSafe.com.

Importing and exporting can currently be done on the web-interface that you access with the browser on your PC/Mac. The iPhone app does not yet support importing / exporting passwords.

Under the menu item "More Actions" you will find an item "Import passwords". Choose this menu item and a file-selection dialog will allow you to specify a file to import. The contents of the previously selected file is now shown in the preview table. Each row in the preview table represents a password entry to import. Adjust the import options until the preview contents looks correct. Arrange the rows to match them with the predefined header fields. It it important to select the right character-set otherwise special characters might be translated wrongly. At the moment SecureSafe supports the CSV (Comma Separated Values) text file that contains one password entry per row, fields are separated by a separator character (comma, semi-colon, tab).

Importing and exporting can currently be done on the web-interface that you access with the browser on your PC/Mac. The iPhone app does not yet support importing / exporting passwords.

Under the menu item "More Actions" you will find an item "Export passwords". Choose this menu item and a new dialog will allow you to specify a the export format. At the moment SecureSafe supports the CSV (Comma Separated Values) text file that contains one password entry per row, fields are separated by a separator character (comma, semi-colon, tab). You can choose the separator character and you can choose how special characters shall be encoded. The CSV formatted file can then for example be imported into a spreadsheet (e.g. Excel) program for further manual processing.

Click on the “Upload” button and select the desired document from your PC. The document will be transferred in encoded form to the SecureSafe data-safe. Once it is there, you can move it to the right folder.

Yes. You can quite easily select several documents at once, by using the Ctrl key (Windows), or Command key (MacOS). Alternatively, use the shift key for a group of documents, or Ctrl-A (Windows), or Command-A (MacOS), to select all the documents in a folder simultaneously.

It is not possible to directly select whole folders because of a limitation in the operating system. You can, however, compress the desired folder as a ZIP file directly on your own operating system (generate a document with the extension “.zip”), and then upload this ZIP file. For example, in Windows, use the right mouse key / send to / compressed ZIP folder. The compression also has the added advantage of allowing a faster upload. After the upload, you can either leave the ZIP folder as it is in the SecureSafe safe, or unzip it and restore the original document/folder structure. In SecureSafe, select the ZIP folder, then right click on the mouse / extract all.

Either double-click the document, or select it and click on the “Download” button. If you select and download entire folders, then the entire contents are automatically zipped and downloaded to your PC as a single compressed document with the extension “.zip”. Once there, this ZIP file can be unpacked by double-clicking on it.

The maximal file size is 2 Gigabytes. Please be aware that if you have a regular internet connection at home (with for example 10mbit/s download and 1mbit/s upload)  the upload of a single 2 Gigabyte file can take many hours.

Follow the directions on your recovery code document: Goto https://www.securesafe.com/recover and enter the 36-character code. You can specify a new password and your mTAN authentication (if it was enabled before) is now disabled

Please note that it is not possible to reset an account without a recovery code and that SecureSafe has no facilities for doing so. For this reason, it is important that you keep the recovery code safe. The recovery code is offered for download / print-out right after registration. Later you can print / download the recovery code after log-in. In the upper right corner you find the button to activate the "My Account" settings dialog.

The login recovery code allows you to gain access to your account, if you have, for example, forgotten your username or password. You will find detailed information under “Questions about resetting the account”. SecureSafe has no access at all to your data or passwords. SecureSafe can not reset your password. Without the recovery code and with out valid username-password combination, you will need to create a new data safe. You find your recovery when you are logged into your account, under "My Account" -> "Recovery". You can use the recovery code under https://www.securesafe.com/recover

You will find detailed information under “Questions about resetting the account”.

The login recovery code can reset more than just the username and password: an SMS authentication, if one is being used, is also reset (in case, for example, you can no longer access your data because your mobile phone has been lost).

No.

Using this function, you can arrange to have passwords and files passed on automatically and securely to beneficiaries among your family, partners and friends in the case of an emergency or fatality.

Data inheritance is easy -to- use:

1. Store documents and passwords in the SecureSafe online safe.
2. Specify beneficiaries who are to be given access to the data if anything should happen to you.
3. Allocate your data and passwords to your beneficiaries.
4. In the event of an emergency, the DataInherit -function guarantees the safe notification of your beneficiaries and the secure transfer of your data.

Documents and passwords which have not been assigned to anyone are securely deleted during the data inheritance, just as the account holder had wished.

You specify individuals who are to be recipients, such as people from among your circle of family, partners and friends. You then allocate the various documents and passwords to these individuals. Data which you do not allocate to anyone will be securely deleted in the event of your demise.

You specify one or more persons to be authorized activators, such as your life partner or close friends. These beneficiaries will then be able to activate the data inheritance by using an activation code. You do not need a lawyer or other formalities for this process. Improper activation is rendered impossible by the DataInherit safeguarding delay.

Beneficiaries will receive the access codes for the files and passwords which you have allocated to them by means of a securely encrypted email or by registered mail sent to any destination worldwide through the Swiss postal service.

No, you do not have to inform the Beneficiaries that they will be receiving data at a later date. You should, however, regularly check to see that you have entered the correct telephone numbers, email addresses, and also the correct place of residence for your beneficiaries. 

Authorized Activators are persons you trust, who are authorized to effect activation; they are those persons to whom you have handed an activation code. These Authorized Activators will then activate the data inheritance according to your wishes. You may designate one or more Authorized Activators. Entry of a single activation code is sufficient to start the data inheritance.

It can be one or several persons. You can also append the activation code to your will. Entry of a single activation code is sufficient to start the data inheritance.

As the account owner, you define a person you trust to be your authorized activator. You will hand over instructions and an inheritance activation code to one or several activators (e.g. your business partner, spouse, parents...). In casethe event that anything happens to you, the trusted activator enters the activation code into the system. SecureSafe has a fraud protection system in place that will first warn the account owner that the process has been started. Only if you do not react within a specified time interval (anywhere from minutes to months) will the process be started.

The safeguarding delay time serves to prevent the data inheritance from happening without your consent. If one of the Authorized Activators enters the activation code, the safeguarding delay period starts running (e.g. 15 days). During this safeguarding delay period you will be contacted by SecureSafe by email and SMS. If it is an erroneous activation, you simply log in as usual to your SecureSafe account and stop the data inheritance. If the data inheritance has been stopped, confidentiality is guaranteed as before. No data or passwords will have left your data-safe and none of the beneficiaries will have been notified.

In the SecureSafe status indicator (bottom right in the SecureSafe application) you can see whether the account is properly set up so that the data inheritance can be performed.

• If it says “Data inheritance is switched off” or “Warning!”, then click on this text to see the status window. Go through and check the whole status window, until there is a green tick (OK) for the status shown everywhere.
• If you use the Password-Safe FREE, then make sure you have the “Activation code” which you have printed out handy. Now log out.
• As described on the activation code document, go to the website https://www.securesafe.com/activate. Now you will see an input field.
• Enter the 36-figure activation code on the screen.
• The data inheritance will now be started. As the account holder you will be notified by email and SMS that the inheritance has been initiated. You still have time now to halt this inheritance (should it have been started erroneously). If you do nothing, the data inheritance will be activated at the end of the safeguarding delay time which you yourself have specified in your SecureSafe account.

You can stop a data inheritance from actually taking place, after it has been started, and you have received the email or the SMS, by simply logging on to your account in the usual way, before the safeguarding delay period chosen by you has expired. After logging on you will see an unmistakable notice informing you that the data inheritance process is running, which you can now simply stop. If the data inheritance is halted, confidentiality is ensured as before. No data and passwords will have left your data-safe and none of the beneficiaries will have been notified.

SecureSafe has implemented the "secure remote password protocol" (SRP). The method was invented at Stanford University by Tom Wu (RFC 2945). Using SRP SecureSafe provides maximum security against internet threats like eavesdropping and dictionary attacks and still is easy to use. Another important aspect of SRP is that SecureSafe does not need to store your password nor any one-way function of the password anywhere. Consequently, passwords and documents are not exposed to accidental data loss or malicious data-leakage risks.

More information on this topic under http://en.wikipedia.org/wiki/Secure_remote_password_protocol

SecureSafe targets maximum security for our clients. SecureSafe therefore offers to all clients a strong authentication method called mTAN. We recommend to our clients to make use of this additional strong security feature. With mTAN activated the user will be asked at login to type in a one-time password that was delivered to him over the mobile network by text-message (SMS). This so called mTAN is proven to be more secure than many other 2-factor authentication methods such as TAN or iTAN.

Our 2-factor authentication is included in Password PRO, SILVER and GOLD.

Read more about DoubleSec

DoubleSec - the unique secure login feature for the iPhone

What is DoubleSec?
High security login technology using 2-factor authentication on the iPhone - but as easy as standard username/password!

What is 2-factor authentication?
Username/password are still the most common method for authentication of users on the Internet. However, more and more online services are changing over to two-factor authentication to ensure that critical login information can not be detected or intercepted. The first factor is something the user 'knows', such as a user name and password, while the second factor is something that they ‘own’ like an iTAN, a scratchcard or a mobile phone.

Why are two factors better than one?
Your account is better protected as a potential attacker would need to be in possession of your username and password as well as your mobile phone before they could log into your account.

How does two-factor login work with a standard mobile phone?
After entering username / password you receive an SMS notification within seconds with a 4-digit PIN code. You then simply enter this code manually into your web browser and you are logged into your account.

Why is DoubleSec better?
If you login to your SecureSafe account using your iPhone you need to manually enter the PIN code into the iPhone App. With DoubleSec this process is automated after the first time you login using the service as you are given a secret token that is stored on your iPhone and is then refreshed automatically before each future login.

DoubleSec is available to all SecureSafe customers, except for the SecureSafe FREE.  To activate this technology follow these simple steps:

1. Login to your account using your PC or Mac (not via your iPhone).
2. Select the top right button “My Account" and then under the “Contact Details” tab add your mobile number if it is not already there.  Under the "Login & Password" tab select “user name and password and SMS delivered one time password”.
3. If you haven’t already done so, now might be a good time to print your Account Recovery Code and store it in a safe place.
4. “Save” your settings and then logout.

Everything is ready: Start the SecureSafe iPhone App. Then, after entering username and password, you will receive a PIN code via SMS, enter (once) manually into the app and from now on your iPhone is tied to your account with the highest level of security!

Strong encryption is a core quality and competence of the SecureSafe application. SecureSafe even encrypts passwords in the memory of the user's computer when the SecureSafe password safe is in use. Only when a single password is actually viewed or used by the user it will be temporarily decrypted and displayed.

As in the memory of a user's computer, SecureSafe encrypts all data stored on the iPhone/iPod/iPad using a strong AES-256 key and only decrypts passwords on demand. This makes sure that even if a malicious application on the iPhone/iPod/iPad would be able to read the local SecureSafe data database, it can not access any of the passwords or data stored in it. Also, all SecureSafe passwords and data are secured against iPhone/iPod/iPad-theft that way.

SecureSafe uses strong security EV SSL certificates (so called Extended Validation) certificates. You can recognize the certificates in your browser's URL bar, as the company name or the whole URL field is shown with a green background (depending on the browser). All of the data that is passed to SecureSafe servers is encrypted with the strong SSL keys. In addition, using a unique session key that is established in a secure way during each login all password safe entries, meta data and user data is double encrypted, such that even man in the middle attackers targeting the SSL-session cannot access that data. This session-specific key also prevents from replay-attacks because all encrypted data look different during each session. This fact theoretically allows to use the SecureSafe data safe even over channels without SSL protection in a secure way.

SecureSafe encrypts all user data with highly secure and worldwide acknowledged encryption methods (RFC 2898). Neither hackers nor SecureSafe staff members can ever access user data and information that is stored with SecureSafe. SecureSafe makes use of well-established cryptographic standards such as AES-256 and RSA-2048, without compromise. Both standards provide a proven security for many years to come.

SecureSafe designed and developed together with its scientific partner Zurich University of Applied Sciences a new way how to generate easy to memorize (but still strong) passwords and visualize the "how secure the password is" in the most simple way.

The SecureSafe application and data storage – and therefore all client data – are only hosted with highly secure datacenters inside of Switzerland. SecureSafe datacenters further comply with the specific regulations of the Swiss Federal Banking Commission.

SecureSafe subscribes to McAfee Secure service that performs vulnerability scans and compliance checks of SecureSafe’s web services on a daily basis. Please see the corresponding seal shown on the bottom of this page. Clicking on the seal will reveal the latest scan reports.

You will find further information about the security measures behind SecureSafe under Security.

Currently this is only in the web gui  available. You can access the web user interface with your Mac / PC under:

https://www.securesafe.com/mylogin

With the SecureSafe-iOS App, you can upload arbitrary files to your SecureSafe.. Unlike on a normal computer ("Upload"), this process works on iOS slightly different - instead of opening a document in SecureSafe, you need to "pass" this from another app to SecureSafe. Whether that app supports this process is indicated by the presence of the following "Open In"-button:

Clicking this button will show a list with all those apps which support the appropriate document type - including SecureSafe. In summary, the upload using the "Open In" function works as follows:

1. Click on the above button in any app
2. Select "SecureSafe" in the displayed list
3. Log in to SecureSafe with your username and password
4. Select the desired file name and destination folder for the document

“SecureSafe for Teams” is the perfect solution for project teams, SMEs, consultants, administrators and lawyers. The service facilitates the collaboration of teams whose members do not work in the same place or in the same company.

It is easy to create a team safe. All you need is a private login. You can then simply invite your colleagues or clients to join your team safe to share and access documents.

Start your 30-day trial to see for yourself!

Please contact our sales department at sales@securesafe.com to discuss your requirements and we will be happy to make you an offer.

Yes. Each member of “SecureSafe for Teams” needs to have a personal SecureSafe login.

Your personal SecureSafe login gets created when you open a new “SecureSafe for Teams” account. If you have an existing SecureSafe account you can create a team-space within this account - so you only need to remember one login and password. Your team space will appear as a separate tab within your private SecureSafe account so there is a clear separation between your shared and personal documents.

Yes. Each member of “SecureSafe for Teams” automatically receives a personal free SecureSafe account with an included team functionality.

The personal space is only visible to the user of the account. Once logged in, they can access both their personal safe as well as the team safe.

A private SecureSafe account does not have team functionality.

With the addition of a team space, you can securely store, share and exchange documents with colleagues and/or customers from a common platform. To open a "SecureSafe for Teams" account you first need to have a personal SecureSafe login.

Once you are logged in the team folder will appear as a separate tab in your SecureSafe account.

You are the only person who will see the documents and passwords stored in your private safe.

Try "SecureSafe for Teams" absolutely free for 30 days. A 30-day trial version can be created for 3 users and has a storage capacity of 100MB.

After the 30 day trial you can decide whether you want to continue using "SecureSafe for Teams".  If you decide to continue then the data you stored during the trial period will remain in your team safe.

You can also decide before the end of the 30-day trial to sign-up to the service and add more members.

"SecureSafe for Teams" includes a 1000 GB data storage capacity so that you will have enough space for all your files without having to worry about storage space ever again.

The stored documents in the team safe cannot be inherited. Our Data Inherit function is available exclusively to private SecureSafe accounts.

If a member leaves the team, you can simply remove them using the administrator rights and add a new member. The new member will automatically have full access to all the documents stored in the team safe.

Yes, you can access the stored data in your team safe at anytime and anywhere using an iPhone or an iPad.

To use "SecureSafe for Teams" your need to have a private SecureSafe login. "SecureSafe for Teams" will appear in your private SecureSafe as a separate tab so that you only need one login to access your personal and team data.  If you do not wish to have the team space within your private account then you can simply create a second SecureSafe login.

You can remove a member from the team safe at anytime. The administrator of the team simply uses the "Remove Member" button.

No. Once a member has been deleted from a team safe they lose all permissions and access to the team safe.  They can, however, continue to use their private SecureSafe.

Yes, we have included an activty viewer within the service. With the activity viewer you can see which team member last edited or uploaded a document.