Security guidelines
Last updated: 30 May 2026
NT² Vault protects data at rest and in transit, but you control the master password and backup files. Follow these rules to stay safe.
Master password
- Use a long, unique password—not reused from other sites.
- Store it in a safe place outside the vault (password manager you trust, or offline record).
- Never share it with anyone, including NT² staff.
Backups (.nt2vault)
- Treat backup files like cash: anyone with the file and your master password can decrypt your vault.
- Store backups encrypted at rest when kept on cloud drives.
- Delete old backup copies you no longer need.
Support channels
Never post secrets in public channels
Do not share your master password, mnemonic phrase, private keys, vault screenshots, or .nt2vault files in forums, email, or social media—even when asking for help. NT² staff will never ask for these.
- Describe problems in general terms ("import fails on Safari") without pasting sensitive content.
- Beware of impersonators in DMs offering "account recovery." NT² cannot recover lost passwords.
- Report phishing or scams via Contact.
Device hygiene
- Lock your vault when stepping away; do not leave an unlocked vault on shared computers.
- Keep your browser and operating system updated.
- Be cautious of browser extensions that can read page content on untrusted sites.
Sharing assets (future)
Vault-to-vault sharing features are planned with explicit recipient controls and expiry. Until then, prefer .nt2vault or encrypted share links with short TTL when available—never send plaintext secrets over email or messaging apps.