What is the encryption key?
Your encryption key is a 256-bit AES-GCM cryptographic key generated in your browser during activation. It is used to encrypt all data before it leaves your browser and decrypt it when you retrieve it. OTIS Intelligence never sees this key.
Why it matters
Without your key, your OTIS data is mathematically unreadable — not just by attackers, but by OTIS Intelligence itself. This is the architectural guarantee behind the zero-knowledge design. Even if OTIS systems were compromised, your data would remain encrypted and inaccessible.
Where to store it
Store your key file in at least two secure locations: a password manager (1Password, Bitwarden, LastPass), an encrypted USB drive stored physically, your organisation's secrets management system (AWS Secrets Manager, HashiCorp Vault). Do not store it in plain text in email, cloud notes, or unencrypted documents.
Using the key on a new device
When you log in to OTIS from a new device or browser, you will be prompted to upload your key file. OTIS loads it into memory for the session and never stores it permanently in the browser.
What happens if you lose your key
Your historical data cannot be recovered without your key. This is by design. If you lose your key, you can start a fresh OTIS instance — your account and subscription remain, but previous analysis data is no longer accessible. This is why secure storage of the key is critical.
Sharing the key with colleagues
If multiple administrators need access to OTIS data, they must share the encryption key securely. Use your organisation's secrets management system or a password manager with sharing capability. Never transmit the key via email or unencrypted messaging.
Was this article helpful?
Contact us if you need further help.