Kept
Sign in

Frequently asked questions

Plain answers to the questions people actually ask about Kept. For the technical privacy model, see how privacy works.

The basics

What is Kept?

A private journal. You speak or type; Kept transcribes, tags, and stores your entries end-to-end encrypted. Only you can read them.

Is Kept therapy?

No. Kept is not a medical, therapy, or crisis service. If you're in danger, please contact a local helpline.

Where does my journal live?

Encrypted on our servers. The decryption key is derived from your passphrase, in your browser. Without the passphrase (or a recovery key) the stored data is unreadable noise.

Passwords and passphrases

Why do I have both a password and a passphrase?

They do different jobs. Your password proves to the server that you're you — it signs you in, and you can reset it by email like any normal account. Your passphrase never leaves your browser; it derives the key that decrypts your entries. We physically cannot reset the passphrase, because we never see it.

Mental model: the password is the key to the building (we hold a copy). The passphrase is the key to the safe inside (only you do).

What happens on a new device?

Sign in with your email and password, then enter your passphrase once. Your browser derives the key locally and unlocks your vault. We never sync the passphrase between devices, because we don't have it.

Can I change my passphrase?

Yes — via the recovery flow. Generate a recovery key first, then use it at /auth/recovery to set a new passphrase. (Direct in-place passphrase change without recovery is on our list.)

Recovery keys

What is a recovery key?

A 24-character code that wraps a second, independent copy of your data key on the server. If you lose your passphrase, the recovery key is the only way to get back in. We strongly recommend generating one the day you start journaling.

How do I generate one?

Sign in, unlock your vault, then go to Settings → Recoveryand choose Generate recovery key. You'll see the 24-character code once. Print it or copy it into a password manager immediately — Kept never shows it again and never stores it in a form we can read.

How do I use it if I forget my passphrase?

Go to /auth/recovery (or click Forgot passphrase?on the unlock screen). Sign in with your email and password, paste the recovery key, and set a new passphrase. Kept unwraps the data key using the recovery key, re-wraps it with your new passphrase, and you're back in.

What happens to the recovery key after I use it?

It's consumed — deleted from the server. Generate a fresh recovery key from Settings right after you reset, so you're covered again. Treat each recovery key as one-shot.

What if I lose both my passphrase and my recovery key?

Your entries are unrecoverable. There is no support backdoor, no admin override, no second copy we can decrypt. This is the cost of the guarantee that we cannot read your journal.

Can I delete or rotate the recovery key?

Yes. In Settings → Recovery you can delete the current key (and immediately generate a new one). Do this if you think a printed copy was seen or lost.

What should I do with the printed key?

Treat it like the spare key to a safe. A locked drawer, a home safe, a trusted password manager. Don't email it to yourself, don't store it in the same place as your passphrase, and don't photograph it onto a cloud-synced camera roll.

Voice and transcription

Where does transcription happen?

Audio is encrypted in your browser before being sent for transcription via our AI gateway. The transcript comes back, is tagged, and the ciphertext is stored. Plain audio and plain text are never written to our database.

Why is the microphone sometimes missing on the passphrase field?

Kept only shows the mic on browsers where speech recognition is known to run fully on-device (Safari on macOS/iOS, recent Chrome with the on-device flag). Everywhere else we hide it rather than quietly route your passphrase through a cloud STT service.

What is voice training for?

It enrols a voiceprint so Kept can verify that the speaker on a new entry is you. If verification fails, the entry is discarded — this stops other people's voices from being added to your journal. You can reset the voiceprint anytime in Settings → Voice.

Crisis support

Does Kept watch what I say?

A keyword tripwire runs in your browser, before your entry is encrypted and sent. If it matches, Kept surfaces local resources immediately. The check happens on your device — we don't see the entry.

Is Kept a substitute for a crisis service?

No. If you're in danger, contact a local helpline. Kept is a journal, not a responder.

Your data and deletion

What can I export?

In Settings → Data you can export your decrypted entries (decryption happens in your browser) as a portable archive.

What does "wipe" actually do?

Deletes your entries, audio, embeddings, voiceprint, recovery key, vault metadata, and authentication record. Kept retains only the minimum crisis-dispatch audit metadata required for safeguarding integrity — no entry content, no audio.

Can Kept staff read my journal?

No. We hold only ciphertext. Anyone with database access — including us and including a subpoena — sees encrypted bytes, not your words.

How privacy worksStart journaling