All your passwords and other sensitive data are encrypted with the strongest known encryption standard AES-256, approved by the US Government. The passphrase that you enter for logging in to Zoho Vault is being used as the encryption key and it is NOT stored anywhere. It purely lingers in your memory and no one else can decrypt or view your secrets, ever!
The best passwords are dynamic and hard to remember. Password reuse across sites and applications is a potential security threat as a password expose in one of the sites increases the probability of hackers gaining access to your other online accounts too. Assigning strong, unique passwords to every online account is imperative to protect the online accounts. Using Zoho Vault, you can generate strong, unique passwords for your accounts without the problem of remembering them.
All sensitive actions done by the users with respect to secret deletion, edits and changes are audited. Details like 'who' carried out the operation, 'what' was the operation and 'when' it was done are captured as audit trails, which are tamper-proof and will remain forever.
In information security, the human angle also assumes significance and anti-shoulder surfing measure is an absolute necessity. Zoho Vault displays the passwords in masked form in the interface. When the user retrieves the password, it is shown in plain text only for 10 seconds, after which it is masked again.
If users leave their Zoho Vault screen unlocked, it might lead to unauthorized access to secrets. To guard against this, you can configure automatic logout for inactivity.