How to Secure Your LockYit App?

The LockYit Team
Security focussed. Privacy centric.

LockYit is built to keep your most sensitive information safe - but like any security tool, it's only as strong as the practices you put in place. Here are three essential steps to make sure your LockYit account is properly secured.

1. Use a Strong Master Password

Your master password is the key to everything inside LockYit. It encrypts your entire vault, and without it, no one - not even the LockYit team - can access your data. That makes choosing a strong one critical.

A strong master password should be:

  • Long - at least 16 characters
  • Unique - not used anywhere else
  • Unpredictable - a mix of words, numbers, and symbols, or a long passphrase that only you would know

Avoid using names, birthdays, or common words. A passphrase like correct-horse-battery-staple-7! is far better than Password123.

Since your master password won't be filled in by browser auto-fill, take your time choosing something memorable but not guessable. Write it down and store it somewhere physically secure until you've committed it to memory.

For guidance on setting or updating your master password, see the Master Password documentation.

2. Enable Two-Factor Authentication

Two-factor authentication (2FA) adds a second layer of protection to your LockYit account. Even if someone obtained your master password, they would still need access to your second factor to get in.

To set up 2FA for LockYit:

  1. Open Settings and navigate to the Security tab.
  2. Enable Two-Factor Authentication and scan the QR code with an authenticator app.
  3. Enter the verification code to confirm setup.

Use a dedicated authenticator app - such as Google Authenticator, Authy, or Microsoft Authenticator. Authenticator apps are significantly more resistant to SIM-swapping attacks than codes delivered by SMS.

For a step-by-step walkthrough, see the Two-Factor Authentication documentation.

3. Generate and Store a Recovery Kit

If you ever lose access to your master password or your 2FA device, your Recovery Kit is what lets you get back in. It contains your encrypted recovery key, which can be used to regain access to your account.

To generate your Recovery Kit:

  1. Go to Settings → Security.
  2. Find the Recovery Kit section and download the PDF.
  3. Store it somewhere safe - a physical location you control, like a safe or a locked drawer.

A few tips for keeping it secure:

  • Do not store it digitally on an unencrypted device or in an easily accessible cloud folder.
  • Print it out and treat it like an important legal document.
  • Consider storing a copy in a separate physical location from your primary residence.

Your Recovery Kit is your last line of defense - make sure it exists before you need it.

For full details, see the Recovery Kit documentation.


Taking these three steps - a strong master password, 2FA with an authenticator app, and a saved Recovery Kit - will give your LockYit vault a solid security foundation. If you have questions or run into any issues, feel free to reach out to us.