EN DE
VeilVault Logo

Documentation

Limitations

← Back to Docs Back to VeilVault →

Limitations

This document describes the intentional limitations of VeilVault.

These limitations are not accidental gaps or missing features.
They are the result of deliberate design decisions made to prioritize security, control, and offline operation.

VeilVault is a security-first, offline-only password vault developed by CodeVeil.

No Password Recovery

VeilVault does not provide any form of password recovery.

  • No recovery email
  • No reset mechanism
  • No backup key
  • No server-side fallback

If the master password is lost, the vault is permanently inaccessible.

This is an explicit design choice to ensure that only the user can access their data.

Vault Data Is Device-Local

Vault data is stored locally on a single device.

  • There is no built-in sync
  • There is no account-based access to vault data
  • Vaults are not automatically transferable between devices

Users who want multi-device access must manage exports and imports manually.

No Cloud or Web Access

VeilVault does not offer:

  • Web access
  • Browser-based vault viewing
  • Server-hosted dashboards

All interactions with the vault occur locally on the device.

Offline-Only by Design

VeilVault is designed to operate without any internet dependency.

  • No remote wipe capability
  • No server-side alerting
  • No online recovery option

Device Security Dependency

VeilVault relies on the security guarantees of the underlying operating system.

  • No support for rooted devices
  • No support for modified operating systems
  • No guarantees under active instrumentation

Limited Protection While Unlocked

  • Screen capture protections rely on OS enforcement
  • Shoulder surfing cannot be prevented
  • Accessibility abuse may still be possible

Decoy Mode Is Not Absolute Protection

  • No cryptographic deniability
  • No forensic resistance
  • No concealment of app existence

Emergency Actions Have Consequences

  • Emergency wipe is irreversible
  • Accidental activation causes permanent data loss
  • PanicHold actions are non-destructive

No Universal Threat Coverage

  • No protection against kernel-level malware
  • No defense against hardware extraction
  • No guarantees during active use

Summary

VeilVault prioritizes clear boundaries over vague promises.

Its limitations are documented so users can make informed decisions.

← Back to Docs