File Fortress Logo File Fortress About Features Documentation
Login Get Started

Security & Privacy

Your data security is our top priority

Security First
Built from the ground up with privacy and security in mind

Zero Knowledge Architecture

File Fortress never sees your files. Our local CLI approach means your data stays on your device, always.

End-to-End Encryption
AES-256 encryption protects your data

All your file metadata is encrypted using industry-standard AES-256 encryption before any processing. Encryption keys are generated and stored locally on your device.

Local Processing
Your data never leaves your device

Unlike cloud-based solutions, File Fortress processes everything locally. Your files, file names, and directory structures remain completely private.

Zero Knowledge
We can't see your data, even if we wanted to

Our zero-knowledge architecture means we have no access to your file contents, names, or metadata. Your privacy is guaranteed by design.

You Control Your Local Data Encryption
Your local file index is always encrypted. You choose the method.

The local database containing your file index (never your file contents) is always encrypted on your device. FileFortress gives you two ways to manage this encryption, balancing convenience and portability.

Automatic Encryption
Default & Easiest

By default, FileFortress uses automatic, machine-specific encryption. The encryption key is securely bound to your device.

No password to remember or type.
Seamless and secure for use on a single machine.
Configuration is not easily portable to other devices.

Custom Password
Maximum Control & Portability

You can provide your own master password during initialization. This password encrypts your entire local configuration.

Your configuration is portable to other devices.
You have full control over the encryption key.
Option to use a --key-file for convenience instead of typing the password.

How We Protect Your Data

Local CLI Application
All file analysis happens on your device using our command-line interface. No file data is ever transmitted to our servers.
Client-Side Encryption
Encryption keys are generated locally and never shared. Only encrypted metadata hashes are processed for duplicate detection and organization.
Minimal Cloud Permissions
We only request read-only metadata access to your cloud storage. We cannot download, modify, or delete your files.
Industry Standards
We use TLS 1.3 for all communications, OAuth 2.0 for secure authentication, and follow OWASP security guidelines.

Technical Security Details

AES-256 Encryption: Military-grade encryption for all data at rest
TLS 1.3: Latest transport layer security for data in transit
PBKDF2: Password-based key derivation with salt
OAuth 2.0: Secure authentication without storing passwords
SHA-256 Hashing: Cryptographic hashing for file integrity

Privacy Guarantees

No File Storage: We never store your actual files
No Content Access: We cannot read your file contents
No File Names: We don't see your file or folder names
No Tracking: We don't track your browsing or usage patterns
No Third Parties: We don't share data with advertisers or partners

Compliance & Standards

GDPR Compliant

Full compliance with European data protection regulations

SOC 2 Ready

Following SOC 2 Type II security and availability principles

ISO 27001

Implementing information security management best practices

Questions About Security?

We're transparent about our security practices. If you have specific questions about how we protect your data, we're here to help.

Security FAQ
Contact Us