Key Highlights
- Vaultwarden-aligned login and master password verification workflow.
- Per-user key hierarchy with encrypted user key storage and key rotation compatibility.
- Short-lived presigned URLs for object access to reduce token exposure window.
Back to Home
Product
Security
Security in LockMem is designed around strong client-side cryptography and strict server-side authorization.
Implementation Notes
- Password material is processed with KDF parameters before validation.
- API routes enforce authenticated scope before metadata or object operations.
- Admin-sensitive operations require explicit password confirmation.
Review Security API Flow
Start with prelogin to fetch KDF metadata, then complete authenticated API login and token-based calls.
View API Reference