Frequently Asked Questions

Frequently Asked Questions


  • How does the free trial work?

    When you sign up, you'll get access to all the features available in the Enterprise Edition for 15 days and up to five user additions. At the end of your trial period, you can either subscribe to any one of our paid plans or do nothing and get automatically moved to our Free Forever plan with all your data intact.

  • Do you need my credit card details to start a trial?

    No, we do not ask for your credit card information to start the trial.

  • What happens to my account after the trial period expiration?

    You will automatically be moved to our Free Forever plan that is valid forever.

  • What are my payment options?

    We accept payment via American Express, MasterCard, Paypal, and Visa for our monthly subscriptions. If you wish to make a payment for an annual subscription, you can also do a bank transfer or check transfer. For more details, get in touch with our account manager or drop us an email at

  • Do you offer any discounts on pricing?

    We offer a flat 10% discount on our annual subscription plans.

  • Do you have special discounts for non-profit and educational institutions?

    Yes, we are happy to offer special pricing to support people who are doing great things. Drop us an email at sales@zohocorp.comto learn more about the special discounts offered to nonprofit and educational institutions.

  • Can I upgrade/downgrade or cancel my account at anytime?

    Yes. You can upgrade, downgrade or cancel your account at anytime.

  • Do you have any cancellation fees?

    Zoho Vault is a pay-as-you-go service, and there are no cancellation fees levied. If you cancel your account, you'll only be billed for the current month.

  • Have any other questions?

    Send us your questions at and we will be glad to assist you.

Data Security and Privacy

  • How do you ensure data security and privacy?

    All sensitive data, including passwords, is stored in a fully encrypted form. The data is encrypted in your browser using AES 256 algorithm and then transmitted in a fully encrypted form over SSL. Our data center holds only your encrypted data.

    Your passphrase acts as the encryption key, which is not stored anywhere. This passphrase must be supplied every time to decrypt your data. As a result, you get complete data privacy. No one, except you, can access your data.

  • Where are your data centers hosted?

    At present, our servers are hosted at the Unites States and Europe.

  • Where can I find detailed information regarding security and privacy policies?

    Consult our dedicated pages on application security, privacy policies and security practices.

Getting started

  • How do you handle account and organization creation?

    When you create an account with Zoho Vault, an organization gets created internally. The organization administrator must send an invite to their company employees to register with Zoho and join the account. Upon accepting the invitation, the user will become a member of the organization. Note that a user cannot be a member of more than one organization registered to Zoho.

  • What can be done when a user you are trying to add is already registered with another organization?

    A user cannot be a member of more than one organization registered with Zoho. The user must delete their organization to join your organization.

  • Whats steps can a user take to delete their organization in order to join a new one?

    Important Note:

    Deleting an organization leads to data loss from all Zoho applications connected to that organization. If the user is using any other application in Zoho suite (tied to the organization created using their email address), the user should be careful to backup any important data.

    The following applications will retain their data after deletion of an organization:

    • Zoho Campaigns
    • Zoho CRM
    • Zoho People
    • Zoho Projects
    • Zoho Creator
    • Zoho Recruit
    • Zoho Report
    • Zoho Support

    Data related to all other Zoho services, such as Zoho Business (Zoho Mail suite), Zoho Docs, Zoho Connect, Zoho Reach, Zoho Creator, and SDP On-demand, will be lost.

    To delete an organization:

    1. Access the control panel of Zoho Business by clicking on the
      • If the user is not already logged into Zoho, they will be prompted for their Zoho credentials to login Upon successful login, the user will be automatically redirected to Zoho Mail.
    2. Locate and click on the Control Panel link present in the top right-hand side of Zoho Mail page.
    3. Locate and click the Delete Organization link on the dashboard of the Control Panel. This will take the user to the Delete Organization page where they can delete the organization linked with this account.

    Once the organization has been deleted, the user can accept the invitation to join your organization.

  • What is a passphrase and how is it different from a password?

    Logging into Zoho Vault is a two step process. First, you need to enter the registered e-mail address and its password to authenticate for Zoho.In the next step, you enter the passphrase to access the Zoho Vault.

    A passphrase is common for all Zoho Vault users irrespective of their user roles. All sensitive data, including passwords, are stored in a fully encrypted format. Zoho's data center holds only your encrypted data. Your passphrase acts as the encryption key, which is not stored anywhere. You must supply the key to decrypt your data. Be sure to store this passphrase somewhere safe.

  • What happens if I forgot my passphrase?

    If you have forgotten the passphrase, you have the option to reset it. However, if you reset your passphrase, you will lose any secrets you have added to Zoho Vault. When you reset the passphrase, you will receive an offline encrypted HTML file with all your secrets. If you happen to recollect your passphrase in future; you will be able to decrypt the data and recover any lost secrets.

  • What should I do when the "Import secrets provided is invalid" error is displayed?

    This error could may occur if the import file contains any unsupported special characters. Zoho Vault does not allow or recognize any special characters, such as [ ] " < > ( ) { } ^` ; !


  • What is the difference between enterprise vs. personal Secrets?

    You can store both enterprise and personal passwords in Zoho Vault without any compromise of privacy. If you intend to share a Secret with other users, then you should classify that Secret as an enterprise. A personal Secret cannot be shared with other users. However, this classification is editable, and you can change it at any time.

    Navigate to Secrets and choose  All Secrets. Click the Edit button to re-configure the Secret type. All personal and unshared passwords are encrypted using the user's passphrase. Only the user can decrypt and see their personal passwords.

  • Why can't I edit Secrets that are shared with me?

    This situation arises when a Secret is shared to you with the "View Only" privilege assigned by the owner. In this case, you will not have the edit pencil. The edit pencil is only visible for the Secrets in which you have "Modify" or "Manage" privileges.

  • How do I initiate sharing Secrets with other users for the first time?

    Sign into Vault: Ask your organization administrator to invite you to join Vault. Users can be invited by navigating to the Admin tab and clicking Add User.

    Initiate sharing: When you sign in to Vault for the first time, you will be prompted to complete a mandatory configuration to initiate sharing. Just click the Initiate Sharing button that you see on the web interface. Alternatively, you can do this from the Settings menu under the  Sharing Secrets tab.

    Ask your organization administrator to approve:  Your sharing request must be approved by your organization administrator. As soon as you click the  Initiate Sharing   button, your organization administrator will receive a notification, requesting approval. The request can be can approved by navigating to the Settings and then clicking Sharing Secrets and  Approve Requests.

    Once these steps are completed, your co-workers will be able to start sharing Secrets with you, and you with them.

  • Can administrators see unshared Secrets?

    No, administrator cannot see unshared Secrets. Personal and unshared Secrets are encrypted using the respective user's passphrase.

  • When sharing secrets, what is the difference between One Click Login, View, Modify and Manage privileges?
    • One Click Login: For secrets shared with this permission, passwords are not shown, but shared users can automatically log-in to the websites associated with it. For example, company-owned Twitter accounts, if shared with this permission, can be used to automatically log in to the website without revealing the actual passwords.
    • View:  When a secret is shared with this permission, shared users can view and copy the password.
    • Modify: For secrets shared with this permission, shared users can view, copy, and edit the password.
    • Manage: In addition to the Modify permission, shared users canshare this secret with other users. This is like co-ownership.
  • An employee is leaving my organization. Is there a way to see which Secrets they have access to?

    From the Reports tab select User Access Report. Choose the name of the user leaving the organization to see the list of secrets they have access to. You can also acquire the secrets they own by selecting User Management, choosing a user, and clicking Acquire Secrets from the More Actions section. Alternatively, the user leaving the organization can voluntarily transfer ownership to another administrator by selecting Transfer Ownership from the All Secrets tab.

  • Is it possible to store Secrets/passwords locally? If the administrator has access to the local information, will they be able to reset a user's password? 

    Currently, Zoho Vault supports only cloud storage.

  • How do I view a list of Secrets shared with a particular user?
    • User Access Report - This report displays access permission to Secrets by username.
    • Secret Access Report -This report displays access permissions by Secret.
  • What happens to new Secrets added to a Chamber that has already been shared with other users?

    When a new Secret is added to the Chamber, it will automatically be shared with the members of the group.

  • Is there a restriction on the number of Secrets stored in Vault?

    Zoho Vault does not place any restriction on the number of Secrets in any of the plans Trial, Free, Standard, Professional, or Enterprise.

  • How to do I revoke access to or unshare Secrets?

    Sharing can be removed for specific users from the same menu that you use to share. Click the sharing icon next to the selected Secret, then click the Share With Users link. In the resulting window, move the user from the right side to the left, using the reverse arrow icon and then click Save. Sharing for that Secret will be disabled for that user.


  • Can I share an entire "Chamber" with another user?

    Chambers can be shared, not just with users, but also with user groups. We have taken care to ensure that chamber sharing remains highly flexible, secure and usable. You will find this feature in the Chambers tab.

    Navigate to the Secrets menu, select the Chambers tab and click the Sharing icon. Select Share with Users or Share with User Groups and configure the required access-level permissions.

  • How do I revoke permissions to certain users using chambers?

    You can revoke permission through the Sharing  web interface. Click the sharing icon present against the required secret and then move the user from right-hand side to the left-hand side of the GUI and click Save. This will revoke the permission.

  • What is a Chamber?

    A Chamber is a group of Secrets. Just as you group your users by job role or department, you can create a Chamber to group passwords belonging to a particular department, of a specific type, etc.When you create Chambers, it makes some bulk operations easier. For example, you can share a Chamber containing multiple passwords with an entire user group with a single click.

  • Can users add a Secret to a Chamber that someone else created and shared with them?

    Yes, users can add secrets to a shared Chamber if it's been shared with "modify" permission. If the Chamber is shared with other permissions, Secrets cannot be added by users. Only the creator of the Chamber will have permission ro modify. You can find more information on sharing Chambers here.

  • Why is the "Share" icon next to the newly-created Chamber greyed out?

    There are two reasons this might happen:

    • If the Chamber contains a Secret that was shared with you with any permission other than "Manage," that Chamber cannot be further shared by you. Only "Manage"  permission allows you to to share a Secret with others.
    • If a chamber contains a personal Secret, it will not be sharable.

    Please check to see if Chambers you are not able to share contain Secrets shared with the above permissions.

Mobile Apps

  • Are passwords encrypted when stored offline on my mobile device?

    Yes, the passwords are stored only in encrypted form. The offline version for mobile access is just as secure as the online web access. Passwords are encrypted with AES-256, the strongest known encryption algorithm. Your passphrase is used as the encryption key, which we do not store anywhere. So, even if your mobile device is stolen, passwords cannot be deciphered in plain-text without entering the passphrase. We also employ application sandboxing; the app is sandboxed to prevent outside malware, intruders, system resources, or other applications from interacting with the protected app.

  • How do I access passwords on the mobile app with no internet connection?

    You need to specifically choose the  Offline  option in the mobile app. This option is available in the top-right of the mobile interface. Once you do this, you will be able to access the data even when you are offline.

    Please note that in this case, you will be able to view only those passwords that you had accessed when you were online in the app. This means any passwords that were not retrieved when you were online will not be available in offline mode.

  • How do I log in to my account if it's secured with two-factor authentication and I don't have access to my mobile?

    When your mobile phone is not available, you'll need to use a backup code to access your Zoho account. However, if two-factor authentication was enabled by your organization admin (instead of individually by you), the super admin or org admin can try the following:

    Option 1: Log in to Zoho Vault and select the Admin tab.Choose User Management select a name from the list and click More Options, then check the Disable TFA option.

    Option 2: Log in to and select Two Factor Authentication then click the Disable link.

  • Is my data synced between web and mobile platforms?

    Yes, Zoho Vault keeps all of your passwords in sync across platforms, so you can access them from anywhere, anytime.

  • If I download the Vault app on my mobile device, will data be stored on my phone or in the cloud? Do I have a choice?

    Data is primarily stored in the cloud in Zoho's data center. Data accessed through mobile device is cached in the app's database memory for offline access. The data is fully encrypted with your passphrase. Even if the mobile device is stolen it cannot be unencrypted without the passphrase.