
4.08 MB
Android 8.0+
9
mips, mips64, x86, x86_64, arm64-v8a, armeabi-v7a, armeabi
Verified safe. Scanned with ClamAV, APKiD, and Quark-Engine. No threats detected.
Description
Lockroot is an offline password manager for Android. It keeps a single encrypted vault on the device and does not need accounts, sync servers, analytics, ads, or telemetry.
No account. No sync. No ads. No analytics. No telemetry. No recovery backdoor.
The tradeoff is simple: if the master password is strong and remembered, the vault can be unlocked. If the master password is lost, the vault is gone.
What It Does
Creates an encrypted local vault.
Unlocks the vault with a master password.
Stores titles, websites, usernames, passwords, notes, and tags inside ciphertext.
Adds, edits, deletes, reveals, copies, and searches entries locally.
Generates passwords with configurable length and character groups.
Clears app-copied clipboard values automatically.
Locks when the app goes to the background.
Exports encrypted backups with a separate export password.
Imports encrypted backups with preview, merge, or replace.
Requires Terms and Privacy acceptance before first vault creation.
The Android app also locks after inactivity and uses FLAG_SECURE to block screenshots and normal screen recordings.
Android Permissions
Lockroot currently declares zero Android permissions.
It does not request:
Internet
Camera
Contacts
Location
Microphone
Notifications
Broad storage access
Import and export use Android's system document picker, so broad storage permission is not needed.
No Recovery
There is no forgot-password flow.
There is no recovery key.
There is no server-side backup.
If the master password is lost, Lockroot cannot decrypt the vault. Keep an encrypted export somewhere safe if the data matters.
Limits
Lockroot protects vault data at rest. It cannot fully protect secrets if the device itself is compromised.
Real risks include:
rooted or compromised devices
malicious keyboards
malicious accessibility services
fake or modified APKs
someone watching the master password being typed
someone recording the screen with another camera
Use a trusted build, keep the device clean, and use a strong master password.
Security Design
Lockroot never uses the password directly as an encryption key.
Master password
-> Argon2id
-> 256-bit vault key
-> XChaCha20-Poly1305
-> encrypted local vault
Encrypted exports use a separate password and key:
Export password
-> Argon2id with a new salt
-> export key
-> encrypted export file
Wrong passwords, modified vault files, and modified export files fail authentication. The app does not silently decrypt garbage.