Create ultra-strong passwords that cannot leak
Neulock never uploads any of your secrets. Your passwords are seamlessly available on all your devices, but never stored. It's leak‑proof by design, not by encryption.
Other password managers create vaults…
They bundle your passwords together, encrypt them, and upload this "vault" to their cloud servers.
…but vaults can leak!
Connor is a software engineer and startup founder (fake name, real person). He was robbed of $3.4 million due to the 2022 LastPass breach. That leak alone resulted in more than 150 people losing over $35 million to hackers.
Cybercriminals have proved that they can steal encrypted vaults, even from the market leader, and crack them open, revealing user passwords.
Jennifer Lawrence, Kate Upton, Kaley Cuoco, and Kirsten Dunst, among over 100 celebrities, had their private photos leaked in a spearphishing attack against iCloud.
Nowadays iCloud offers password management with iCloud Keychain. Do you use it? Should you?
Neulock never stores your passwords
(so they can't be leaked)
Why risk security breaches when you don't have to? Neulock redefines password management by simply not storing your passwords. Instead, they are calculated on your device, using your private master key, only when needed.
Technically, Neulock is a deterministic password generator with cloud metadata backup.
What does this mean for you? It means that Neulock will only upload enough to sync your devices, but our servers don't store any of your secrets, not even under encryption.
We take excellent care of your data and your privacy (did you notice that this website doesn't use cookies?). But even if our servers were completely compromised, they simply don't have your passwords, or any of your secrets.
No passwords stored means no passwords to steal. Revolutionary? We think so.
We don't trust humans to make passwords
Let’s face it, human-generated passwords are the weakest link. With Neulock, all passwords are ultra-strong and unique, ensuring the highest level of security against brute-force attacks.
We won't import your old, possibly compromised passwords. No more password reuse. No more checking if your password has been leaked.
Features
We are judicious about adding features to Neulock. Two factors guide us:
- Security: Neulock aims to be the most secure password manager in the world. We only add features that improve security, never compromise it.
- The UNIX philosophy: We believe in doing one thing and doing it well. Neulock is a password manager, and we don't plan to add unrelated features.
| Feature | Neulock Web | Neulock for Android and iOS | Details |
|---|---|---|---|
| Set up new account and master key | ✔ | ✔ | You can start your Neulock journey on any platform. |
| Create unlimited passwords | ✔ | ✔ | Free & unlimited on Neulock Web. Requires subscription on the mobile apps. |
| Change or delete an existing password | ✔ | ✔ | Free & unlimited on Neulock Web. Requires subscription on the mobile apps. |
| View & copy passwords | ✔ | ✔ | You can view & copy your passwords on the mobile app even without a subscription. We won't ever lock you out! |
| Change master key | ✘ | ✔ | You can change your master key on the mobile app even without a subscription. |
| In-app support & feedback | 🚧 | ✔ | You can use in-app support on the mobile app even without a subscription. |
| Biometric protection of master key | ✘ | ✔ | Neulock Web protects your master key from most attacks against your device. Read our security page. |
| 10x faster password calculation | ✘ | ✔ | Neulock Web is fast on modern computers, but on mobile it may take a few seconds to calculate a password. The mobile apps do split-second calculations using native code. |
| Password auto-fill | 🚧 | 🚧 | Auto-fill is under security evaluation, since it has been exploited to leak passwords on other password managers. See FAQ. |
| Export passwords | ✘ | 🚧 | Export is under security evaluation. Currently, the mobile apps can export your current passwords to a text file only right after you change the master key. |
| Import passwords from other password managers | ✘ | ✘ | We don't trust your old passwords. We won't import them, even if you ask us to. |
| Password sharing | ✘ | ✘ | Password sharing is a bad security practice and a possible attack vector. There are very few cases that justify sharing a password, even with family. Even fewer for businesses. We won't endorse it. |
| 2FA manager | ✘ | ✘ | You shouldn't let your password manager handle your second factor of authentication too, because it creates a single point of failure. |
| Store secrets other than passwords | ✘ | ✘ | Neulock is a password manager. It's the best at keeping strong passwords, but it can't keep anything else, since it never stores your secrets, but rather calculates them. |
Frequently asked questions (FAQ)
Our cloud servers don't store any of your secrets, not even under encryption. We define secrets as: your master key; and your passwords.
Even if our servers were to be compromised, your secrets would remain safe, because they never leave your own devices.
This is a fundamental difference from other password managers, which store your secrets on their servers, even if they are encrypted with your master key. Such "vaults" have been shown to leak secrets in the past.
Learn more about our security model.
Sure! Just sign in with the same Apple or Google account on all your devices, and enter the same master key. You only need to enter the master key once per device or browser, and we have a special little trick to make it easier for you.
We will keep your passwords automatically in sync across all your devices.
Yes. Neulock Web is a fully functional version of Neulock that works on any device with a modern web browser. It is free and unlimited to use, and always will be.
Neulock for Android and Neulock for iOS are free to install and use, but they require a subscription to create and change passwords.
Two reasons. First, we want everyone to try and audit it for free. We believe we have created a truly revolutionary password manager, and we want people to see it for themselves.
Second, Neulock wouldn't be possible without the open-source community. This is our way to say thanks and give back.
Neulock is a privacy-first password manager. We don't track you, we don't profile you, and we don't sell your data. We don't even know your email address unless you opt-in for marketing communications. This website doesn't even use cookies.
It took years of research and development to create Neulock, plus ongoing investment in cybersecurity to keep it safe. Our mission is to be the most secure cloud password manager in the world. We believe that Neulock is worth the price, and we hope you do too.
Also, we're in this for the long haul. We don't plan to gain market share quickly by selling cheap and then selling out.
We will never lock you out of your passwords.
You will be able to view and copy your passwords on all platforms: Neulock Web, Neulock for Android, and Neulock for iOS. You will also be able to keep using Neulock Web to create, change and delete passwords.
Not yet, but we are working on it. And we advise you to be cautious with password auto-fill.
Auto-fill is under security evaluation, since it has been exploited to leak passwords on other password managers. The latest attack vector, called "AutoSpill", still hasn't been patched on many Android devices as of this writing.
Browser extensions that auto-fill passwords have been shown to inject passwords into the wrong fields, and to leak passwords to malicious websites.
We will only add password auto-fill to Neulock after extensive security testing, and it will be opt-in.
In the meantime, we recommend that you copy and paste your passwords using the copy button. After pasting, you can go back to Neulock and clear the clipboard by unpressing the copy button.
Neulock strictly adheres to the best security practices. Sharing passwords is very unsafe.
On a business environment, no password should be shared, ever. Each account should belong to one person who's responsible for it. Access to services should be granted through Identity Access Management (IAM), not by sharing passwords. This way, security incidents remain auditable and can be traced back to the responsible person.
We have helped organizations with 10k+ employees to implement IAM and eradicate password sharing. You can do it for your small or medium business too.
Families have no reason to share passwords either. Cyber hygiene starts at home.
No. Technically, Neulock doesn't store anything, not even your passwords.
Neulock's unique security model also makes it incapable of storing arbitrary data. And this is a good thing.
No, because Neulock cannot store arbitrary information. In Neulock, all passwords are calculated using your master key and metadata, including a random number. That's why passwords are random-like and statiscally unique.
We do recommend, however, that you use Neulock to generate a strong password for your cryptocurrency wallet, and another one to encrypt your recovery (seed) phrase. You can then backup your encrypted recovery phrase wherever you like.
Still have questions? Contact us and we'll be happy to help.
Audit Neulock yourself
We made Neulock Web free for everyone, so that anyone can see how it works.
Just head to web.neulock.app and open your browser's developer tools. You can see all the requests Neulock makes, and you'll notice that we never send your passwords or any of your secrets to our servers.
Feel free to explore, and if you have any questions, reach out to us. We love to talk about Neulock!
Why Neulock Stands Out
- ✔ Unparalleled Security: As safe as an offline password manager, Neulock is leak-proof by design.
- ✔ Anywhere Access: Your passwords, on any device, anytime.
- ✔ Uncrackable passwords: Say goodbye to weak, human-created passwords, that you keep reusing.
- ✔ Transparent Trust: We guarantee your privacy by never holding any of your secrets. Audit it yourself!
- ✔ For Everyone: User-friendly design with innovation at its heart.