Myki stores your password away from the cloud, and allows you to login on any device upon pairing your Myki app with your computer. Pairing is made in a P2P encrypted manner.
Myki stores your passwords securely on your smartphone. Your passwords are not stored in the cloud which makes it virtually impossible for hackers to steal your data from a remote location. This is a very important point that we believe other password managers do not address. When your passwords are stored in the cloud, a hacker can try to compromise that cloud in order to gain access to the entire database of encrypted user vaults. In the case of Myki, the backups are decentralized across users' smartphones which prevents hackers from gaining access to a large number of backups by hacking one cloud. Attackers would need to try to compromise one device at a time in order to gain access to the encrypted password list which is extremely difficult because the password vault remains in your possession at all times.
Myki gives you the option to keep a secure backup of your accounts on any computer that you pair your Myki app with. This allows you to recover your data in case something happens to your phone. You can also create manual backups of Myki that will generate a ‘.myki' file that you can store in any location that you deem secure. We are also working on adding a ‘backup with a friend' feature that allows you to keep a secure backup of your passwords on a friend's Myki app very much like a spare key. The friend would not be able to access your Myki Vault unless you grant them access to it.
Signing up to a new device using the same phone number previously used will cause the Myki app on the old device to wipe all stored data.
Myki pairs with your computer through the Myki browser extension that is installed in your browser of choice. You connect the app with the Myki extension by scanning a QR code on your computer with the Myki app (see steps here). This creates a P2P encrypted link between the Myki app and the Myki browser extension which allows your phone and computer to securely exchange passwords and other sensitive data. Scanning a QR code is an optical way of transferring information between your phone and your browser which ensures that the encryption key is never exchanged over the Internet. Any intruder trying to intercept your network communication would not be able to decrypt the data being transmitted.
There are three ways for you to add your passwords to Myki. The first one is through the Myki app. You can click on the '+' sign and manually type in your username and your password for the selected website. The second method is via the chrome extension while you browse. Whenever you log into a website on your computer that has a paired Myki chrome extension, Myki will ask you to save the account into your Myki app. Clicking the save button will add the account to Myki which will allow Myki to auto-fill it from that point onwards. The third method is to import your accounts from Google Chrome or another password manager via the Myki chrome extension by following the steps in our guide (Import Your Existing Passwords To Myki).
You can pair the Myki app with your computer browser via the Myki browser extension which allows you to securely exchange passwords and other sensitive data between your phone and your computer. The Myki app also allows you to store a secure backup of your accounts on your computer in order to recover your accounts in case something happens to your smartphone.
In order to pair the Myki app with your computer browser via the Myki browser extension, you scan a QR code that contains an AES256-CBC encryption key that is only ever seen by the Myki app and the Myki Browser Extension. Whenever you request a passwords or other sensitive data from the Myki app, the data is encrypted using this encryption key and sent over the Internet in a P2P encrypted manner to your computer. This ensures that the communication between the app and the computer is secure at all times. Whenever you disconnect, the Myki app from your computer by either pressing the disconnect button on the app or in the extension, the key is deleted from both ends and the extension removes any sensitive data that it holds including any session data that it generated. Whenever you disconnect the Myki app from a computer, you get logged out from all the accounts that Myki logged you into which is useful in different use cases.