Use cloud storage for your metadata, but not your passwords!
Why does AltoPass need a cloud backup?
Our main security feature is Generated Passwords, i.e. the passwords calculated on the device. So why would we even need a backup in the cloud?

In reality, there is quite a bit of important user data that is crucial for AltoPass operations, even in deterministic (generated) password mode.
• We store account IDs.
• We store usernames.
• We store user-created custom fields.

We store Custom Passwords in case you chose to use your own passwords for some accounts.

For AltoPass generated passwords, we store additional pieces of cryptographic data which goes into the calculation that takes place on the device. This data won't be enough for the potential attacker to deduce your passwords, but it is a critical part of the password calculation process.
Login to AltoPass cloud with Key Phrase
We have developed a new, safe way to log into AltoPass Cloud by using your Key Phrase.
For development of our new algorithm we used PAKE protocol that allows logging in with your Key Phrase without actually capturing it by the server.
Your Key Phrase never leaves the device and is unknown to the server. Your device just demonstrates to the cloud server the knowledge of the Key Phrase without actually providing the Key Phrase itself. Nor does it provide any other information from which the password can be derived.
User MetaData File
AltoPass uses a proprietary format to store our user's metadata. This metadata file contains all the information necessary to generate/decrypt passwords and other fields on the device (of course only when correct input of the user's Key Phrase is provided).
Our users have choices as to how/where to store this metadata file. The simplest way is to use AltoPass Cloud. However, we do support other options including 3rd party cloud services (such as Dropbox, Google Drive, ext...) as well as storing to device's internal storage or a network location.

AltoPass app can restore your data from a given metadata file. However, the restore is only successful if you correctly remember the Key Phrase that was used to store that file,or if you have the correct emergency Access Kit.
AltoPass Cloud and Automated Synchronization
AltoPass provides cloud storage for the metadata files. Backup and Restore function from AltoPass Cloud is the default option for the app. Users are encouraged to use the "Automated Sync" option which will restore the latest version to the cloud upon any change (adding/removing/changing of any field for any account). This is the safest way to keep your cloud backup up to date.
Start to keep your passwords securely today. It's free
Create your AltoPass account along with 100 000 users
© 2022 AltoPass, Inc.
Do you have any questions? Contact us!
I agree the Terms of Service