Mitro is designed so that only you, and the people you share with, have access to your secrets. Your passwords never leave your computer without being encrypted, so no one, not even Mitro, has access to them (if you're an expert, you should read our FAQ for security experts). The key is that no one except you knows your passphrase, and your passphrase never leaves your computer.
When you first create an account, a public/private key pair is generated on your computer. Your passphrase is used to derive a symmetric key called the passphrase key. Your private key is encrypted with the passphrase key, and only the public key and the encrypted private key are stored on Mitro's servers.
Your secrets are encrypted using your public key, and decrypted with your private key.
When you share secrets with a team, Mitro generates a new public/private key pair for the team. The team's private key is encrypted separately with each member's public key, so only the members can decrypt it.
The team's public key is used to encrypt the team's secrets. To get access, a team member first decrypts the team's private key using their personal private key, then decrypts the secret using the team's private key.
How do we keep your account safe?
Every time you log in from a device Mitro doesn't recognize, you will receive an email to verify that it is really you who is logging in.
To add an extra layer of protection, Mitro supports two-factor authentication. If enabled, you will need both your password and a code generated by your phone to log in from a new device, change your password, or access very important secrets. This means that even if someone gets your password, they can't access your Mitro account.
Mitro keeps you logged in when you check the "Remember Me" option on the login screen. This is convenient because you no longer need to type your password, but it slightly decreases your account's security: anyone who gets access to your device has access to your account. If you enable this option and lose your device, you should immediately change your password, which will require you to log back in on all devices.
When you check "Remember Me", your private key is stored on your device, encrypted with a device key stored on Mitro's servers. This keeps your private key safe, and allows you to revoke access if you lose your device.