Secret Phrase: Your Vault's Recovery Lifeline

What Is the Secret Phrase?

Every vault in Vaultaire is protected by a cryptographic encryption key. Normally, that key is derived from the pattern you draw on screen. But what happens if you forget your pattern? What if months pass and the muscle memory fades? Without a backup, your data would be gone forever.

That is where the secret phrase comes in. When you create a new vault, Vaultaire generates a sequence of 12 or 24 ordinary English words — words like “timber,” “harvest,” “ocean,” “bright.” These words are not random gibberish. They follow the BIP-39 standard, a well-established protocol originally designed for cryptocurrency wallets that encodes binary data into human-readable words. Each word maps to a specific number from a standardized list of 2,048 words, and together the full sequence encodes the exact same cryptographic key that your pattern derives.

Think of it this way: your pattern and your secret phrase are two different roads that lead to the same destination. The pattern is the road you use every day. The secret phrase is the emergency detour you keep in the glove box, just in case.

How the Secret Phrase Works

The secret phrase is not a separate password or a second key. It is a different representation of the same underlying cryptographic material that your pattern produces. Understanding this distinction matters, because it means the phrase does not introduce a second attack surface — it does not create an alternative way to crack your vault. It simply provides an alternative way for you to access it.

Generation

When you create a vault and draw your pattern for the first time, Vaultaire derives a cryptographic key through its key derivation process. This key — a long string of binary data — is then encoded into a sequence of words using the BIP-39 word list. The mapping is deterministic: the same key always produces the same words, and the same words always produce the same key.

Display

Vaultaire shows you the secret phrase exactly once, at the moment of vault creation. The app presents each word clearly and gives you time to write them down. Once you dismiss this screen, the phrase is never shown again. It is not stored in the app, not saved to a file, and not backed up to any server.

Recovery

If you forget your pattern, you open Vaultaire and choose the recovery option. You enter your secret phrase — all 12 or 24 words, in the correct order. The app converts those words back into the cryptographic key, verifies it against the encrypted data, and if everything matches, you are back in. You then set a new pattern, and continue as normal.

Why the Secret Phrase Exists

Vaultaire uses zero-knowledge encryption. That means nobody — not Vaultaire, not Apple, not your cloud provider — can decrypt your vault. This is a tremendous security advantage, but it comes with a tradeoff: there is no “forgot password” button. No support team can reset your access. No server holds a backup copy of your key.

The secret phrase is Vaultaire’s answer to this tradeoff. It gives you a human-readable backup of your encryption key without compromising the zero-knowledge architecture. The phrase exists entirely under your control. If you keep it safe, you always have a way back in. If you lose it, nobody can help you — and that is exactly the point.

Patterns are powerful and intuitive, but they rely on muscle memory. Life gets in the way. You might not open a vault for six months. You might switch phones and lose the physical familiarity of the gesture. You might have a medical situation that affects your fine motor control. The secret phrase ensures that none of these scenarios means losing your data permanently.

Security of the Secret Phrase

The secret phrase is the most sensitive piece of information associated with your vault. Anyone who has it can reconstruct your encryption key and access your data. That is why Vaultaire treats it with extreme care — and why you should too.

Shown Once, Then Gone

Vaultaire displays the secret phrase a single time, during vault creation. After you confirm that you have recorded it, the phrase is permanently erased from the app’s memory. There is no “show phrase again” button. There is no settings screen where you can look it up. If you did not write it down when it appeared, it is gone.

Never Stored, Never Transmitted

The phrase is not saved to your device’s storage, not included in iCloud backups, not sent to any analytics service, and not logged anywhere. It exists in device memory for the brief moment it is displayed on screen, and then it is zeroed out. Even if someone gains full access to your phone, they will not find the phrase anywhere on it.

No Recovery Without It

If you lose both your pattern and your secret phrase, your vault is permanently inaccessible. Vaultaire cannot help you. Apple cannot help you. No law enforcement agency, no court order, no amount of computational power can recover the data. This is the fundamental bargain of zero-knowledge encryption: absolute security means absolute responsibility.

Best Practices for Your Secret Phrase

Your secret phrase is the ultimate backup for your most private data. Treat it accordingly.

Write It Down on Paper

Use a pen and paper. Write each word clearly, in order, numbered. Paper cannot be hacked remotely. It cannot be compromised by malware. It cannot be silently exfiltrated from a cloud service. A piece of paper in a safe place is the most resilient form of backup storage ever invented.

Never Store It Digitally

Do not type it into a notes app. Do not take a screenshot. Do not email it to yourself. Do not save it in a password manager. Every digital copy creates an attack surface — a place where the phrase could be discovered by malware, exposed in a data breach, or accessed by someone who compromises your accounts. The entire point of zero-knowledge encryption is that no digital system holds your key. Putting the phrase in a digital file defeats that purpose.

Keep It in a Safe Place

Store the paper somewhere secure and private. A home safe, a safety deposit box, or a locked drawer that only you access. Consider the same precautions you would take with an important legal document or a birth certificate. If you have multiple vaults, label each phrase clearly so you know which vault it belongs to.

Consider a Trusted Person

If something happens to you, should someone be able to access your vault? If so, you might give a copy of the phrase to a trusted family member or include it in a sealed envelope with your estate documents. This is a personal decision, but it is worth thinking about before the question becomes urgent.

How Recovery Works

The recovery process is straightforward, but it is worth understanding what happens at each step so you know exactly what to expect.

Step 1: Open the Recovery Screen

When you open Vaultaire and are prompted for your pattern, you will see a recovery option. Tap it, and the app presents a word-entry interface where you can type or select each word of your secret phrase.

Step 2: Enter Your Phrase

Enter all 12 or 24 words in the exact order they were originally shown. The app validates each word against the BIP-39 word list as you type, helping you catch typos before you submit. Word order matters — “ocean timber harvest” is not the same key as “timber ocean harvest.”

Step 3: Key Regeneration

Once all words are entered, Vaultaire converts the phrase back into a cryptographic key using the BIP-39 decoding algorithm. This is a deterministic process — the same words always produce the same key, no matter what device you are on or how much time has passed.

Step 4: Set a New Pattern

After the key is restored and your vault is accessible again, Vaultaire prompts you to draw a new pattern. This new pattern becomes your primary access method going forward. The underlying encryption key does not change — only the pattern that derives it is updated. Your secret phrase remains valid.