Frequently Asked Questions

Common questions about using and self-hosting giovium.

Why giovium?

Because it is free, fast, secure, and built entirely with absolute privacy in mind.

How can I deploy the server?

Simply download the executable and follow the guide in the documentation. It is natively available on macOS, Linux, Windows, and Docker.

Do I need to use HTTPS or a reverse proxy?

No, the server can be deployed in whatever environment you prefer. Even if you choose a normal unencrypted HTTP connection, giovium will autonomously and securely encrypt the actual connections directly between the client and server.

Can I use email to recover my account?

No. Your data is perfectly safe as long as you remember the master password. We do not use user accounts, and therefore there are no vulnerable email recovery loops.

Is the master password protected?

Yes. We use advanced Argon2 hashing protocols to forcefully defend against brute-force attacks. It would cost billions of dollars and millions of years to break a strong giovium master password.

Is giovium really free?

Yes, giovium is 100% free because it's an ideological project meant to return data freedom directly to the people without any form of tracking, just like the old days of absolute privacy.

What happens if I lose my device?

No problem, because no one can decrypt your data without the master password. Simply download the giovium app onto your new device and immediately resync your vault with your server.

How are my data safe and backed up?

Data are locally encrypted and verified each time you use and sync giovium. If you use an iPhone, an iPad, a desktop app, and your server, you effectively have 4 independent nodes of redundancy. All encrypted data is perfectly mirrored and synced simultaneously between whatever devices you connect.

Can I sync to multiple servers?

Yes. All of your connected servers and devices can perfectly mirror and stay in sync with each other simultaneously.

What happens if my server is compromised or hacked?

Nothing. The server is strictly a zero-knowledge data storage node and a point of request—it only receives and sends encrypted items. Even if fully hacked, your data will never be leaked because the server never has access to your master password.

What happens if I have malware on my computer while the vault is decrypted?

This is a critical scenario, but usually, nothing happens. You simply lock the vault and close the app, immediately killing the decrypted keys from memory. For maximum security against actively running malware, you can utilize giovium's secondary "Double Encryption" feature for highly sensitive items. If your main vault is compromised but you didn't specifically unlock the double-encrypted item during that session, there is absolutely no data in the RAM to map or leak, keeping the item perfectly safe.

Should I use advanced Double Encryption with an additional password?

Yes. It is highly recommended for incredibly critical secrets, such as Bitcoin wallets, bank accounts, or primary email credentials. Just make sure you never forget this second password, as it is completely unrecoverable.

If you don't use HTTPS, how can the connection be secure?

giovium natively encrypts all data exactly like HTTPS, but it does so entirely independently. This means you do not have to rely on external Certificate Authorities (CAs), pay for certificates, or manage free certificate deployments like Let's Encrypt. giovium simply uses the absolute gold standard in modern cryptography—Ed25519 and X25519—to flawlessly sign and encrypt all traffic between clients and servers.

What local cryptography do you use to encrypt my vault?

giovium utilizes XChaCha20-Poly1305, an extremely fast and secure authenticated encryption algorithm, to securely store all of your local at-rest data and file attachments.