At CyberFOX the security
of your data is our highest priority
Protecting your data
CyberFOX is built with the premise that any information a user stores in CyberFOX should only be accessible to that user, and nobody else. The Master Password is the basis for this security. Each user chooses a Master Password and this becomes the key to locking and unlocking access to your data.
The Master Password is not stored or transmitted anywhere, even CyberFOX does not have a copy. Without knowing your Master Password there is no access to the information stored in your CyberFOX account. If a user forgets their Master Password, CyberFOX employees do not have the ability to reset the Master Password.
Client side data encryption and decryption
All CyberFOX user data is encrypted and decrypted locally using AES-256, that same levelof encryption banks and governments use to protect data. This encryption has never been cracked and means that the data you store in CyberFOX remains safe, secure and private.
All access to user data requires the Master Password. The Master Password is used to generate a unique encryption key using PBKDF2 (OpenSSL’s PKCS5_PBKDF2_HMAC_SHA1). The CyberFOX client database is initialized with a unique random salt in the first 16 bytes of the file. This salt is used for key derivation and it ensures that even if two databases are created using the same password, they will not have the same encryption key. This process uses 64,000 iterations for key derivation.
Server verification with certificate pinning
Secure sharing of passwords
CyberFOX makes it easy for users to share data with people you trust. You have complete control over who receives the information as well as how long they have access to it.
All shared data is secured using a unique key with a randomized IV, encrypting it with 256 bit AES in CBC mode and computing SHA256 HMAC on the ciphertext. The data is then encrypted using 2048 bit RSA keypairs prior to being transferred between users.
User chosen data storage location
CyberFOX has data storage locations around the world to provide faster synchronization of data between your devices.
Data privacy concerns for users can also benefit from this feature allowing users to choose where their data is stored. By default users are assigned a storage location close to their physical location. Users can also change the storage location of their data any time they choose. Users in the European Union have their data stored on servers in the EU.