You can't, and that is by design. Your master password is the only thing that can decrypt your vault. There is no recovery email, no security questions, no support back door. After ten consecutive incorrect attempts the vault wipes itself.

The reason this trade-off exists is the same reason MSafe is interesting: there is no server to ask, and there is no second key sitting on someone else's machine. If you have an exported backup (QR PDF, NFC tag, or .msafe file) and you remember the master password that was active when you created it, you can restore from that. Otherwise the vault is lost.

Only from a backup you created earlier. The wipe is intentional and irreversible - the encrypted blobs are deleted from local storage. If you have a QR-PDF backup, an NFC tag backup, or an exported .msafe file, you can restore from those. If not, set a fresh master password and start a new vault.

Open Settings inside MSafe and pick the export format that suits you:

• QR-code PDF - generates a printable PDF of encrypted QR codes (one per credential, plus a full-vault page). Print it and lock it in a drawer.
• Encrypted .msafe file - exports the whole vault as a single encrypted file you can move between devices.
• NFC tag - write a single credential to a writable NFC tag from the credential's detail screen.

All three formats are encrypted with the same scheme as your live vault, so anyone who finds them still needs your master password to read them.

Install MSafe on the new device. On first launch, set the same master password you were using before. Then import from your backup:

• From an encrypted file: Settings > Import vault > pick the .msafe file
• From a printed QR PDF: open MSafe, scan each credential's QR code with the camera
• From an NFC tag: tap the tag against the back of your phone with MSafe open

Because export blobs carry their own salt, anyone with the same master password can decrypt them - so a backup taken from your free app will restore on the pro app on the same phone, or on a fresh install on a different phone.

The free version stores up to 25 credentials. The pro version removes the cap. That is the only difference. Both versions ship with the same encryption, the same backup options, the same autofill, the same privacy guarantees, no ads, and no trial nags.

Pro is a one-time Google Play purchase. There is no subscription.

The free and pro apps are separate Android packages, so they have separate vaults. To migrate:

1. In free MSafe: Settings > export your vault as an encrypted .msafe file
2. Install MSafe Pro from Google Play
3. On first launch, set the same master password you used in free
4. Settings > Import vault > pick the .msafe file you exported
5. Verify everything imported, then uninstall the free version

Open Android's Settings app, search for Autofill service (sometimes under Passwords & Accounts or System), and pick MSafe as your autofill provider. Once that's set, fields in apps and browsers that ask for credentials will let you fill from your MSafe vault. You'll be prompted for biometric or master password to unlock the vault on each fill.

Open MSafe, go to Settings, and toggle on Biometric unlock. The app will prompt you for your master password once to enroll, then for your fingerprint going forward. Your master password always continues to work as a fallback. Biometric unlock is backed by the Android Keystore - even if someone extracts the database, they can't bypass the fingerprint requirement.

By design. MSafe doesn't declare the internet permission, so it physically cannot send your vault anywhere. To move data between devices, use the explicit export/import flow with an encrypted .msafe file, a QR PDF, or an NFC tag. You decide where the backup goes and when it's transferred.

MSafe requires Android 11 (API level 30) or later, on any device that supports it. Optional features need the corresponding hardware: NFC (for tag backups), camera (for QR scanning), and a fingerprint sensor (for biometric unlock).

Inside MSafe's private application storage on your device, in an encrypted Room (SQLite) database. Android's auto-backup to Google's cloud is explicitly disabled. Nothing is sent to any server. See the privacy policy for full details.