Neulock has evolved

Neulock has moved to the Ethereum blockchain to better fulfill its mission of giving you full ownership and custody of your passwords. Check out the Neulock Crypto website to learn more.

This website is now an archive of the original Neulock project. You can still access your passwords and other data by signing in to Neulock Web.

Create ultra-strong passwords that cannot leak

Neulock never uploads any of your secrets. Your passwords are seamlessly available on all your devices, but never stored. It's leak‑proof by design, not by encryption.

★★★★★
Password syncing without storing? I can't believe no one had thought of this before!
🇩🇪 Jan 2024
★★★★★
I love the simplicity of Neulock. It's so easy to use!
🇺🇸 Jan 2024
★★★★★
Neulock is looking good!
🇬🇧 Nov 2023
★★★★★
Neulock is the only password manager that doesn't ask for blind trust!
🇧🇷 Oct 2023
★★★★★
It's exciting to see a password manager approaching security from a different angle. All other options are so similar!
🇨🇦 Dec 2023

Other password managers create vaults…

They bundle your passwords together, encrypt them, and upload this "vault" to their cloud servers.

…but vaults can leak!

Connor is a software engineer and startup founder (fake name, real person). He was robbed of $3.4 million due to the 2022 LastPass breach. That leak alone resulted in more than 150 people losing over $35 million to hackers.

Cybercriminals have proved that they can steal encrypted vaults, even from the market leader, and crack them open, revealing user passwords.

Jennifer Lawrence, Kate Upton, Kaley Cuoco, and Kirsten Dunst, confirmed victims of the 2014 iCloud leak. Source: Wikipedia & Wikimedia Commons. Respective credits: Joel Kowsky, MelodyJSandoval, Peter Ko, & Georges Biard. Modification: cropped & stitched together.

Jennifer Lawrence, Kate Upton, Kaley Cuoco, and Kirsten Dunst, among over 100 celebrities, had their private photos leaked in a spearphishing attack against iCloud.

Nowadays iCloud offers password management with iCloud Keychain. Do you use it? Should you?

Neulock never stores your passwords

(so they can't be leaked)

Why risk security breaches when you don't have to? Neulock redefines password management by simply not storing your passwords. Instead, they are calculated on your device, using your private master key, only when needed.

Technically, Neulock is a deterministic password generator with cloud metadata backup.

What does this mean for you? It means that Neulock will only upload enough to sync your devices, but our servers don't store any of your secrets, not even under encryption.

We take excellent care of your data and your privacy (did you notice that this website doesn't use cookies?). But even if our servers were completely compromised, they simply don't have your passwords, or any of your secrets.

No passwords stored means no passwords to steal. Revolutionary? We think so.


We don't trust humans to make passwords

Let’s face it, human-generated passwords are the weakest link. With Neulock, all passwords are ultra-strong and unique, ensuring the highest level of security against brute-force attacks.

We won't import your old, possibly compromised passwords. No more password reuse. No more checking if your password has been leaked.


Features

We are judicious about adding features to Neulock. Two factors guide us:

  • Security: Neulock aims to be the most secure password manager in the world. We only add features that improve security, never compromise it.
  • The UNIX philosophy: We believe in doing one thing and doing it well. Neulock is a password manager, and we don't plan to add unrelated features.

Frequently asked questions (FAQ)

What do you mean by 'leak-proof by design'?

Our cloud servers don't store any of your secrets, not even under encryption. We define secrets as: your master key; and your passwords.

Even if our servers were to be compromised, your secrets would remain safe, because they never leave your own devices.

This is a fundamental difference from other password managers, which store your secrets on their servers, even if they are encrypted with your master key. Such "vaults" have been shown to leak secrets in the past.

Learn more about our security model.

Does Neulock sync my passwords across my devices?

Sure! Just sign in with the same Apple or Google account on all your devices, and enter the same master key. You only need to enter the master key once per device or browser, and we have a special little trick to make it easier for you.

We will keep your passwords automatically in sync across all your devices.

Is Neulock free?

Yes. Neulock Web is a fully functional version of Neulock that works on any device with a modern web browser. It is free and unlimited to use, and always will be.

Neulock for Android and Neulock for iOS are free to install and use, but they require a subscription to create and change passwords.

Why is Neulock Web completely free?

Two reasons. First, we want everyone to try and audit it for free. We believe we have created a truly revolutionary password manager, and we want people to see it for themselves.

Second, Neulock wouldn't be possible without the open-source community. This is our way to say thanks and give back.

Why is Neulock Premium more expensive than XYZ password manager?

Neulock is a privacy-first password manager. We don't track you, we don't profile you, and we don't sell your data. We don't even know your email address unless you opt-in for marketing communications. This website doesn't even use cookies.

It took years of research and development to create Neulock, plus ongoing investment in cybersecurity to keep it safe. Our mission is to be the most secure cloud password manager in the world. We believe that Neulock is worth the price, and we hope you do too.

Also, we're in this for the long haul. We don't plan to gain market share quickly by selling cheap and then selling out.

What happens if I cancel my Neulock Premium subscription?

We will never lock you out of your passwords.

You will be able to view and copy your passwords on all platforms: Neulock Web, Neulock for Android, and Neulock for iOS. You will also be able to keep using Neulock Web to create, change and delete passwords.

Does Neulock auto-fill passwords?

Not yet, but we are working on it. And we advise you to be cautious with password auto-fill.

Auto-fill is under security evaluation, since it has been exploited to leak passwords on other password managers. The latest attack vector, called "AutoSpill", still hasn't been patched on many Android devices as of this writing.

Browser extensions that auto-fill passwords have been shown to inject passwords into the wrong fields, and to leak passwords to malicious websites.

We will only add password auto-fill to Neulock after extensive security testing, and it will be opt-in.

In the meantime, we recommend that you copy and paste your passwords using the copy button. After pasting, you can go back to Neulock and clear the clipboard by unpressing the copy button.

What about password sharing / family share?

Neulock strictly adheres to the best security practices. Sharing passwords is very unsafe.

On a business environment, no password should be shared, ever. Each account should belong to one person who's responsible for it. Access to services should be granted through Identity Access Management (IAM), not by sharing passwords. This way, security incidents remain auditable and can be traced back to the responsible person.

We have helped organizations with 10k+ employees to implement IAM and eradicate password sharing. You can do it for your small or medium business too.

Families have no reason to share passwords either. Cyber hygiene starts at home.

Can Neulock store documents, notes, and other secrets?

No. Technically, Neulock doesn't store anything, not even your passwords.

Neulock's unique security model also makes it incapable of storing arbitrary data. And this is a good thing.

Can Neulock store my cryptocurrency recovery / seed phrase?

No, because Neulock cannot store arbitrary information. In Neulock, all passwords are calculated using your master key and metadata, including a random number. That's why passwords are random-like and statiscally unique.

We do recommend, however, that you use Neulock to generate a strong password for your cryptocurrency wallet, and another one to encrypt your recovery (seed) phrase. You can then backup your encrypted recovery phrase wherever you like.

Still have questions? Contact us and we'll be happy to help.


Audit Neulock yourself

We made Neulock Web free for everyone, so that anyone can see how it works.

Just head to web.neulock.app and open your browser's developer tools. You can see all the requests Neulock makes, and you'll notice that we never send your passwords or any of your secrets to our servers.

Feel free to explore, and if you have any questions, reach out to us. We love to talk about Neulock!


Phone displaying Neulock app password setup screen

Why Neulock Stands Out

  • Unparalleled Security: As safe as an offline password manager, Neulock is leak-proof by design.
  • Anywhere Access: Your passwords, on any device, anytime.
  • Uncrackable passwords: Say goodbye to weak, human-created passwords, that you keep reusing.
  • Transparent Trust: We guarantee your privacy by never holding any of your secrets. Audit it yourself!
  • For Everyone: User-friendly design with innovation at its heart.