Security & Privacy

We understand the level of trust you’re placing in us when choosing to store your important information – as well as precious memories – in a Keylu account, that’s why we place the protection and security of your data at the very centre of our service offering.


We at Keylu take security very seriously. It underpins how our product is designed and implemented, and the policies we have in place for maintaining that security.

Passwordless sign in

Keylu has moved from using email-address-and-password to a Passwordless authentication system. The way it works is simple - each time you sign in, you enter your email address and receive a one-time code that is used to sign in instead of a password.

Why Keylu moved to a Passwordless system

  1. Passwordless authentication offers improved security. Studies have consistently shown that weak or stolen passwords continue to be responsible for more than 80% of hacking-related breaches. [1][2][3]
  2. It's simpler for you! Meeting differing password complexity requirements and remembering many different passwords is hard. Using a Passwordless system means one less password for you to create and remember.
  3. Passwordless authentication is part of our long term security strategy. Future enhancements will enable additional Passwordless authentication factors, including support for biometrics such as fingerprints, face and voice recognition.

Your information is encrypted and stored using industry leading technology. All communications with Keylu - when you load a page, upload documents or submit a form - are protected by 2048-bit SSL certificate encryption. When we store your data at rest everything is encrypted using 256-bit AES encryption, one of the strongest available. [4]

Multi-factor authentication (MFA)

Often referred to as MFA or 2FA, multi-factor authentication adds an additional layer of security via SMS or an authenticator app, protecting your most sensitive data and ensuring no one but you has access. We use step-up multi-factor authentication, this means you can sign in without MFA, but in order to access data already stored or to perform certain key tasks, you will be required to sign in using your second authentication factor on demand.


Data access

At Keylu we follow a strict set of processes and protocols to safeguard your data and ensure that no-one but you and the people you allow (like your Trusted Contacts) will have access. Keylu employees are not able to access your data under any circumstances.

Read our privacy policy ⟶

Data sharing

At Keylu the privacy of your data is paramount. The information held in your account ensures that your Trusted Contacts have access to the key information you want them to have at the time of your death. We will never sell your data to a third party. We may share your data but only where we have a professional or legal obligation to do so.

Read our privacy policy ⟶

Where is my data stored?

For redundancy purposes your data is securely replicated to two different geographic locations around the world. This ensures that should something happen to the data stored in one location, your data can be recovered from another. This replicated data is secured and stored in the same way as the primary data, and governed by the same rigorous security protocols.