Account-free vault recovery
No passwords. No login. No account to recover.
Your heirs should not need access to your email or password manager. DMSKey creates recovery artifacts that work without a traditional user account.
- No username or password
- Client-side encryption
- No vault upload
Why account-free recovery matters after death or incapacity
Email accounts expire, passwords are forgotten, and subscriptions lapse. Recovery artifacts should remain usable without access to the creator's inbox, password manager, or DMSKey account.
What stays on your device, what reaches service providers
DMSKey is a no-account product by design. The hosted backend never receives the secret material. Payment is processed by Stripe; infrastructure providers see normal request metadata.
Never leaves your browser
- Vault contents (the secrets you encrypt)
- The 256-bit encryption key
- Contents of each Shamir share
May reach DMSKey or Stripe
- Payment details and customer record (Stripe)
- Licence metadata (plan, entitlement token) — DMSKey
- Request metadata at the CDN, hosting layer, and reverse proxy — DMSKey
How a no-account model actually works
Traditional account model vs DMSKey
Most online vaults assume your family will have access to your inbox and remember another login. DMSKey decouples recovery from the account layer entirely.
Pay once, recover forever
DMS Full is a one-time purchase. Recovery of an existing vault never requires an account, subscription, or additional payment. See full pricing on the inheritance plan.
Questions about the no-account model
Why does DMSKey avoid user accounts?
A traditional account adds dependencies — an email address, a password, a session table, an active subscription — that your heirs may not have access to. A no-account model decouples the recovery artifacts from any login, so an existing vault can be opened without signing in.
How do I 'log back in' to download my cards later?
You do not — and you do not need to. The cards are produced once, in the browser tab where you created the vault, and saved as a .zip on your device. If you lose the .zip, hand-print fresh copies from the JSON files on any other device with a browser.
Can my heirs recover without my email or my password manager?
Yes. The recovery artifacts are the printed cards and the offline recovery package. They do not depend on your email address, your DMSKey account (there is none), or any password manager entry.
What if I lose my licence token?
Losing the licence token may affect access to paid creation features, but it does not affect recovery of an existing vault. The token can be re-issued from the Stripe receipt without registering an account.
What happens if I clear browser storage or switch to a new device?
Clearing browser storage removes the locally-cached licence token. Recovery of an existing vault still works — the printed cards and the offline recovery package are the recovery artifacts. To create new vaults from a new device, re-issue the licence token from the Stripe receipt.
What if I lose the downloaded cards before printing them?
The .zip with the original vault contains every share as a JSON file plus the offline recovery bundle. If you lost the .zip, the vault can no longer be reprinted from scratch — but if any K printed cards already exist, the vault can still be recovered with them and a fresh .zip generated. Always print the cards immediately and store the .zip on at least one durable medium.
Does recovery still work if DMSKey shuts down?
Yes. The printed cards and the offline recovery package are designed to recover the vault independently of the hosted service. Recovery does not contact the DMSKey backend.
Do you log my IP address?
DMSKey application logs are designed to avoid vault contents and unnecessary personal data. Infrastructure providers — the CDN, the hosting layer, and the reverse proxy — may process IP addresses and request metadata for delivery, security, and abuse prevention.
Create a vault that does not depend on your email or password
Recovery artifacts that work without a DMSKey login, a subscription, or access to your inbox. Technical users can inspect the network requests during creation to confirm the model.