Thank you for providing clickable links for the ISO certificate. However, I noticed that the certificate is audited by cystack, not Locker Company, which I believe is your main organization. Could you please clarify the following:
1. Has the certified company implemented an Information Security Management System (ISMS) that meets ISO 27001:2022 standards at the organizational level?
2. Which business units, products, and services are included in the certified ISMS?
3. I would like to confirm if Locker, this password manager, has its specific operations, infrastructure, and processes covered under the parent company’s certification scope.
If the answer is yes, I would like to request evidence of internal audits or controls specific to Locker that align with ISO 27001 requirements.
1. Yes. The ISMS certified under ISO/IEC 27001:2022 covers the entire company’s information security system, including all products and services provided by the company.
2. All CyStack products and services, including Locker, are covered under our certified ISMS.
3. Yes.
If you’d like to request evidence, feel free to email us at support@locker.io. Thanks...
seems like is very good project i would like to buy it for my agency with more than 50 member here are few quesiton i hope i could get answer then i will buy this product :
1. Could you please provide me with detailed audit reports from reputable cybersecurity firms that verify your product encryption implementation, key management, and overall architecture.
2. Is your product source code open for review or audited?
3. How is the Master Password protected on the client side?
4: How is zero-knowledge proof implemented in practice?
5: How do you handle breaches or vulnerabilities which is very critical?
6: What privacy regulations is your product comply with? eg: GDPR, CCPA, or other relevant standards.
1. Yes, we have reports from both our internal audit team and third-party auditors. https://s.locker.io/audit_reports/Locker_Audit_Report_By_CyStack_EN.pdf
2. Yes, it's available on our GitHub.
3. & 4. Please refer to our whitepaper for more details on these points https://support.locker.io/en/locker-whitepaper
5. We respond to breaches or critical vulnerabilities immediately, following...
Hello, before purchasing this deal, I visited your official website and saw some certificates I would like to verify. Since they are not clickable, could you please provide instructions on how I can verify them or give me a link to do so? mostly ISO that are listed on your website
A: Regarding the ISO Certification: You can verify it now! We’ve included the link to our ISO certificate in the footer of our official website. We've updated the link to be clickable. Just scroll down to the bottom of the page to view and verify it.
The use case I am exploring is my 1 company sending tool to each of our clients (assume 1,000 clients) and asking them to share private information (like date of birth) so that we can transfer the info securely without allowing other clients to see it and protect against a privacy breach. Can my Tier 2 accomplish this?
A: Yes, you can use Locker Quick Share to securely send your tool to each client. They don’t need a Locker account to access it. However, if you want clients to share back information like their date of birth securely, they will need to create a Locker account. It’s free and quick. You can share the sign-up link with them.
So just to confirm, I can : 1) share this blank version of the document with many clients, 2) they can reply with the completed document holding sensitive info (and nobody sees the responses but me) 3) And it still represents just 1 “secret” on my account? If so, I am definitely purchasing Tier 2.
If you want to manage 1,000 documents for 1,000 clients, you’ll need to create 1,000 individual items in your vault - each representing one document aka one client. These items will all appear in your account. If all the documents are one "secrets" type, you can organize them into a dedicated folder, such as "Secrets A." This setup will fulfill both your requirements 1) and 2).
So I can accomplish what I want to do (transfer secure files to get this info from unlimited clients and store these files of the same secret type without any of the clients having access to each others information) all in one master folder where the master folder represents just one "secret" with a Tier 2 or no? You imply No by saying requirement 3) is not satisfied.
"So I can accomplish what I want to do (transfer secure files to get this info from unlimited clients and store these files of the same secret type without any of the clients having access to each others information) all in one master folder where the master folder represents just one "secret" with a Tier 2" -> Our answer is Yes
Q: LDT with future losses ?
I would like to know if I purchase this lifetime deal, and after a few years your company is hacked and user data is breached, who will be responsible if I lose my business due that? Can I claim my losses, or will your company not take responsibility for that?
A: Thank you for your thoughtful question. It’s an important one.
Like many trusted players in the industry (e.g., 1Password, LastPass), we follow a zero-knowledge security model, meaning even we cannot access your encrypted data. In the unlikely event of a breach, attackers would not be able to read your stored passwords or secrets without your master passwords.
Q: Locker ISO password manager
Thank you for providing clickable links for the ISO certificate. However, I noticed that the certificate is audited by cystack, not Locker Company, which I believe is your main organization. Could you please clarify the following:
1. Has the certified company implemented an Information Security Management System (ISMS) that meets ISO 27001:2022 standards at the organizational level?
2. Which business units, products, and services are included in the certified ISMS?
3. I would like to confirm if Locker, this password manager, has its specific operations, infrastructure, and processes covered under the parent company’s certification scope.
If the answer is yes, I would like to request evidence of internal audits or controls specific to Locker that align with ISO 27001 requirements.
LockerPasswordManager
Edited May 13, 2025A: Hi,
Thanks for your question!
1. Yes. The ISMS certified under ISO/IEC 27001:2022 covers the entire company’s information security system, including all products and services provided by the company.
2. All CyStack products and services, including Locker, are covered under our certified ISMS.
3. Yes.
If you’d like to request evidence, feel free to email us at support@locker.io. Thanks...
Share Locker Password Manager
Q: locker and their securty?
seems like is very good project i would like to buy it for my agency with more than 50 member here are few quesiton i hope i could get answer then i will buy this product :
1. Could you please provide me with detailed audit reports from reputable cybersecurity firms that verify your product encryption implementation, key management, and overall architecture.
2. Is your product source code open for review or audited?
3. How is the Master Password protected on the client side?
4: How is zero-knowledge proof implemented in practice?
5: How do you handle breaches or vulnerabilities which is very critical?
6: What privacy regulations is your product comply with?
eg: GDPR, CCPA, or other relevant standards.
LockerPasswordManager
May 13, 2025A: Hi,
1. Yes, we have reports from both our internal audit team and third-party auditors.
https://s.locker.io/audit_reports/Locker_Audit_Report_By_CyStack_EN.pdf
2. Yes, it's available on our GitHub.
3. & 4. Please refer to our whitepaper for more details on these points https://support.locker.io/en/locker-whitepaper
5. We respond to breaches or critical vulnerabilities immediately, following...
Share Locker Password Manager
Q: locker password manager verification?
Hello, before purchasing this deal, I visited your official website and saw some certificates I would like to verify. Since they are not clickable, could you please provide instructions on how I can verify them or give me a link to do so? mostly ISO that are listed on your website
LockerPasswordManager
May 12, 2025A: Regarding the ISO Certification:
You can verify it now! We’ve included the link to our ISO certificate in the footer of our official website. We've updated the link to be clickable. Just scroll down to the bottom of the page to view and verify it.
Share Locker Password Manager
Q: 1 company, but many clients
The use case I am exploring is my 1 company sending tool to each of our clients (assume 1,000 clients) and asking them to share private information (like date of birth) so that we can transfer the info securely without allowing other clients to see it and protect against a privacy breach. Can my Tier 2 accomplish this?
LockerPasswordManager
May 11, 2025A: Yes, you can use Locker Quick Share to securely send your tool to each client. They don’t need a Locker account to access it.
However, if you want clients to share back information like their date of birth securely, they will need to create a Locker account. It’s free and quick. You can share the sign-up link with them.
Share Locker Password Manager
Verified purchaser
So just to confirm, I can : 1) share this blank version of the document with many clients, 2) they can reply with the completed document holding sensitive info (and nobody sees the responses but me) 3) And it still represents just 1 “secret” on my account? If so, I am definitely purchasing Tier 2.
Verified purchaser
Hi,
If you want to manage 1,000 documents for 1,000 clients, you’ll need to create 1,000 individual items in your vault - each representing one document aka one client. These items will all appear in your account. If all the documents are one "secrets" type, you can organize them into a dedicated folder, such as "Secrets A." This setup will fulfill both your requirements 1) and 2).
Verified purchaser
So I can accomplish what I want to do (transfer secure files to get this info from unlimited clients and store these files of the same secret type without any of the clients having access to each others information) all in one master folder where the master folder represents just one "secret" with a Tier 2 or no? You imply No by saying requirement 3) is not satisfied.
Verified purchaser
"So I can accomplish what I want to do (transfer secure files to get this info from unlimited clients and store these files of the same secret type without any of the clients having access to each others information) all in one master folder where the master folder represents just one "secret" with a Tier 2" -> Our answer is Yes
Q: LDT with future losses ?
I would like to know if I purchase this lifetime deal, and after a few years your company is hacked and user data is breached, who will be responsible if I lose my business due that? Can I claim my losses, or will your company not take responsibility for that?
LockerPasswordManager
May 11, 2025A: Thank you for your thoughtful question. It’s an important one.
Like many trusted players in the industry (e.g., 1Password, LastPass), we follow a zero-knowledge security model, meaning even we cannot access your encrypted data. In the unlikely event of a breach, attackers would not be able to read your stored passwords or secrets without your master passwords.
That said, it's important to...
Share Locker Password Manager