Syncing your secrets
Secrets uses iCloud to keep your data in sync between your devices. Specifically, every iCloud vault you create will automatically appear on all your trusted devices.
For a device to be classified as "trusted," you must be signed in to iCloud with the same Apple ID, and that device must be listed in the "Devices" section of the application's settings.
Trusted devices
Trusted devices securely share the iCloud vault keys among themselves. See our "Security Design" page for details on how these keys are securely shared.
Check out our blog post explaining the rationale behind trusted devices.
Paper devices
Paper devices are "special" in the sense that they are not actual devices but rather a key printed on paper. Paper devices can act just like any other trusted device, but they can also be used as recovery keys if you need to unlock any of your other trusted devices.
Any trusted device can create a paper device. When doing so, Secrets will ask you to print the keys for this device. You should be ready to print and store them somewhere safe.
If you're using iCloud, it's highly recommended that you create a paper device.
Authorizing a new device
If one of your devices isn't listed in the "Devices" section, you'll need to add it before it can access your iCloud vaults.
You can authorize a new device using either an existing trusted device or a paper device.
To use an existing trusted device, you must be near both the trusted device and the new device, and both must have an internet connection. Follow these steps:
- Open the application's settings on the new device.
- Navigate to the "Devices" section.
- Tap/click the unlock button to make changes.
- After unlock, the existing trusted device shows a "Request Authorization" button. Tap/click that button.
- A notification should arrive on the trusted device. Tap/click that notification.
- A new window should open an start the authorization process.
- Once a connection between the two devices is established, a 4-digit code should appear on the new device. Type that code on the trusted device to complete the process.
The process for using a paper device is very similar. Instead of sending a notification to a trusted device, you'll be asked to scan the paper device's key or enter it manually.
Revoking a device
Any trusted device can also revoke another device. Follow these steps to revoke a device:
- Open the application's settings on the new device.
- Navigate to the "Devices" section.
- Tap/click the unlock button to make changes.
- Long press/right-click on the device to revoke and choose "Revoke"
- Confirm that you want to revoke that device, and you're done.
Revoking a device will prevent it from continuing to sync with your iCloud vaults.
iCloud vaults
Currently, the only option Secrets provides to sync your secrets is via iCloud.
When using iCloud vaults, any items stored in that vault will automatically sync to all your other trusted devices. Note that each device stores a local copy of these vaults, meaning you are free to make changes even if you're offline. Your changes will be uploaded and synced to your other devices when those devices come online again.
Any iCloud Vault you create will automatically appear on your other trusted devices. Similarly, any iCloud Vault you delete will also be automatically deleted from your other devices.
Finally, an iCloud vault can also be shared with other users. To learn more about vault sharing, check out our "Sharing your secrets" page.