Frequently Asked Questions

Here we try to answer some basic questions about the Codebook Cloud service.

What does Codebook Cloud sync?

Codebook Cloud provides automatic, background sync for all the passwords and other data you can store in Codebook. This means that all Categories, Entries, Labels, Fields, and Attachments will be kept in sync across your installations of Codebook as you add, remove, and edit your data.

When does Codebook Cloud sync?

After the initial sync of the Codebook app with Codebook Cloud, data transfers for sync occur primarily in two situations.

The first is when you make edits to your data in Codebook, including any additions, updates, and deletions. Codebook attempts to sync these changes with Codebook Cloud immediately.

The second is when Codebook detects that new changes from your other devices are available on Codebook Cloud.

Codebook detects new changes on Codebook Cloud via processes we call polling, and background refresh (on Android and iOS).

When polling is active, it runs roughly every 10 seconds.

On macOS and Windows polling only runs when Codebook is unlocked. Once Codebook is locked, polling is terminated.

On Android and iOS polling only runs when Codebook is in the foreground (on your screen) and unlocked. Once Codebook moves to the background (when you leave the app), polling is terminated.

On Android and iOS Codebook supports background refresh, which is to say periodically waking up to check if new changes are available on Codebook Cloud.

On iOS background refresh is scheduled by iOS itself based on your usage patterns and machine learning. It takes several other factors into account as well, including battery life and available system resources.

On Android background refresh occurs every six hours, as long as there is an Internet connection available and the device battery is not running low.

Codebook does not support background refresh on macOS and Windows.

Can I disable Codebook Cloud's automatic syncing?

Yes, Codebook provides a switch for turning off Auto Sync. On Android and iOS, you can find this switch on the Sync view. On macOS and Windows, the switch is on the Settings window, under the Sync tab. In addition, there is a switch for turning it off on the Login view.

How will Codebook Cloud effect my mobile data usage?

After you initialize Codebook Cloud on a device, the main use of network bandwidth or data on your mobile device will come from syncing actual changes to your data, which you make over time, and aren't extremely frequent (e.g. creating a new password, adding a new record, changing a password, etc).

When Codebook for Android or iOS is the active app on your phone, and unlocked, it will check for new changes on Codebook Cloud every 10 seconds, on average. This polling is designed to be a very lightweight network activity, using approximately 1.5KB of total network traffic per request and response (~1KB for the request and ~0.5KB for the response). Once you leave Codebook and it is no longer on your screen, this polling is terminated.

When Codebook is in the background on Android and iOS, the only network activity that may occur is an infrequent background refresh that will only use around 1.5KB per request if there are no changes available.

While polling and background refresh use minimal data, more data will be used when actual Codebook changes are syncing. Because of that, customers who are more sensitive about mobile data usage may want to consider fully disabling cellular data or background refresh for Codebook.

Can I prevent Codebook from using cellular data and background refresh?

If mobile data usage is a concern, use of cellular data and background refresh can be turned off for Codebook on a device.

On iOS:

  • Turn off cellular data in Settings app > Codebook > Cellular Data
  • Turn off background refresh in Settings app > Codebook > Background App Refresh

On Android: Please see your device settings for data usage and background refresh options.

Are multiple-user accounts available?

Yes, family plan subscriptions are available for non-commercial use. We have a commercial license offering for businesses that you can read about here.

Can Codebook Cloud undo a delete made by mistake?

Indeed, it can. Codebook Cloud can revert any changes you've made to your data back to a particular change-set. However, this requires some administrative intervention on our part. Please contact our support team for help with this, and be sure to let us know the date and time (roughly) of the changes you want us to revert.

Codebook supports sharing passwords and any other data you can store in Codebook entries with other users of Codebook Cloud. You can share entries with other users in your own account, and you can connect and share with users who have their own accounts as well.

For multi-user accounts, the other users on your account are automatically added to your Contacts in Codebook so you can share any entry with them right away. For users outside your account, you must send them a contact request that they need to approve. Once trust is established, the other person is added to your Contacts and you can share entries with them as well.

Sharing does not share you entire database with another user, that is still kept completely separate. Instead, when you choose to share an entry, we package it up and encrypt it specifically for the contact you choose. This is then made available on Codebook Cloud for them to download. They will receive it the next time they sync with Codebook Cloud, at which point the encrypted entry is deleted on Codebook Cloud.

Sharing With Someone In Your Account

To share a Codebook Entry with another Codebook Cloud user in your account:

  1. Search for or navigate to the Entry in Codebook
  2. Tap on or click the new Share Entry button to show the Share sheet
  3. Select the name of the person in your account on the Share sheet

Sharing With Someone Outside Your Account

To share a Codebook Entry with someone outside your account who already has their own Codebook Cloud account, you must first request to add them as a contact and then mark them as trusted within the application.

  1. Bring up the Share sheet from an entry (or, navigate to Sync > Manage Contacts)
  2. In the email address field at the top of the Share sheet, enter the email address of the person you want to add as a contact for sharing

Your sharing contact request will be sent to the other Codebook Cloud user. They will need to launch Codebook, and approve the contact request from the sharing sheet themselves. Once that is completed you will receive a notification from Codebook that you have a new pending contact.

  1. Tap on the notification, or launch Codebook and navigate to the Share sheet (Sync > Manage Contacts)
  2. Select the new pending contact and mark it as trusted

This extra step gives you and your contact an opportunity to verify the request to each other, and to check that the fingerprint displayed for them in Codebook matches what they have on their own device.

You can view your own fingerprint for sharing by going to Sync > Display Fingerprint.

Now that you have verified your new sharing contact, sharing an entry with them is exactly the same as sharing with someone in your account.

Where do Shared Entries arrive?

When you share an entry with another Codebook Cloud user, Codebook packages that entry up and encrypts it for that user specifically and sends it to them over Codebook Cloud.

When their instance of Codebook receives the entry, it is decrypted, and placed into an automatically generated category named "Shared Entries".

When you receive an entry it will first go into the Shared Entries category, but you can then move it into any category you like.

If the same entry is sent to you again, it will be updated in-place, in whichever category you moved it to, if it is no longer in Shared Entries.

How are updates handled?

When someone shares an entry with you, they might at some point need to update the password or other fields on that entry in their own database. Those updates are not shared automatically, the other person must send you the entry again.

When Codebook receives a new version of the entry, it will apply the updates to your copy of the entry. Any new fields will be added, updates to existing fields will be applied. If you deleted a field, but it is still present or has been updated in the original entry, it will be recreated when it is re-sent to you.

What kind of encryption is used for Secure Sharing?

Secure Sharing uses the NIST standards ML-KEM for encrypting entries and ML-DSA for signing and verifying the encrypted data.

Does Secure Sharing support any other sync services?

It does not—Secure Sharing requires Codebook Cloud to coordinate delivery of the encrypted data and to verify who is authorized to share with whom.

What security precautions has Zetetic taken for Codebook Cloud?

  • No sensitive (e.g. production, beta) credentials are stored in our source control repositories.
  • No production credentials are stored on our developer workstations.
  • Micro-service architecture for the web services that support Codebook Cloud.
  • Frequent, comprehensive, and automated testing.
  • All Codebook data that is synced with Codebook Cloud is encrypted before it ever reaches Codebook Cloud, with a key that is only stored on your local device.

Can anyone read my data on the Codebook Cloud servers?

Absolutely not. All of the data you sync with Codebook Cloud is encrypted with your Sync Key. We are unable to decrypt or otherwise peer into the change-set information that gets synced to the Codebook Cloud servers by Codebook, it's encrypted before it ever leaves your device.

Will my cloud data be vulnerable to password cracking attacks?

No. The data you sync with Codebook Cloud is encrypted before it leaves Codebook on your mobile device or computer, and it is encrypted with your Sync Key, not your Codebook Master Password. Since the secret key used to encrypt your change-set (sync) data on our servers is a randomly generated stream of bytes, and not a password, it is not vulnerable to password cracking techniques.

How will my Codebook Cloud account password be stored?

When you create a Codebook Cloud account, your user password is stored in the Codebook Cloud database using the Argon2id password hashing function, with tuning parameters recommended by OWASP.

When you create a Codebook Cloud account using one of the Codebook clients (i.e. iOS, macOS, Windows), you are given the option of setting a random password for Codebook Cloud. Codebook then stores this value in your encrypted database, making it available on your devices for Auto Fill and Secret Agent.

What unencrypted data is stored on the Codebook Cloud servers?

Your personal profile information (your account details) and metadata concerning sync change-sets sent to Codebook Cloud during sync are unencrypted. How this information is used is described below.

Personal Profile Information:

When you create a Codebook Cloud account, we collect the following information, and save it to your user profile, which is unencrypted:

  • First name
  • Last name
  • Email address

We don't provide access to this profile information to other businesses except strictly as necessary to provide the Codebook Cloud service (as per our Privacy Policy). For instance, if we need to send an invoice or receipt to your email address for billing purposes, that would go through the SMTP mail service that we contract for email delivery, but that provider is not authorized to use your email address for any other purpose.

Sync Metadata:

Codebook Cloud stores the following metadata unencrypted, when you sync:

  • A unique identifier in our database for each encrypted change-set
  • The date and time we received an encrypted change-set
  • A change-sequence number that is assigned to the change-set

Codebook Cloud needs access to this information to perform the basic functions of a data sync service, in order to know which change-sets to provide to Codebook when the app requests the latest changes to your data.

Can I delete my sync data from Codebook Cloud?

Yes. You can login to the Codebook Cloud website, and take advantage of the Delete My Data button on the Devices & Data page, which will remove all your encrypted sync data from our servers. You can also use the Delete My Data button in the Codebook app on the Codebook Cloud settings view.

Delete My Data will only remove your data from Codebook Cloud, it will not remove your data from Codebook on your linked devices.

Can I delete my Codebook Cloud account?

Yes. To delete your Codebook Cloud account, visit the Delete My Account page. We do need to retain some record of you having been a customer for legal reasons, specifically the name and email address of the account owner, and a record of any subscription purchases. After we archive that information the account is deleted along with all users and data stored in Codebook Cloud.

Can I remotely wipe Codebook Cloud data from one of my devices?

Not currently. This is a feature we will be looking into in the future, we know it's a must-have for some customers.

Can I revoke access to my Codebook Cloud account?

Yes. To review your linked devices and revoke access, see Devices and Data.

Do I need a subscription to use Codebook Cloud?

Yes. We are making Codebook itself free to download and use, and charging a subscription for access to Codebook Cloud to help pay for the service and further fund development of Codebook. If you want to support our work, buying a Codebook Cloud subscription is the best way to do it!

What if I already paid for Codebook? Are discounts available?

Yes! Customers who previously purchased a license on macOS or Windows, and customers who previously paid for Codebook in Google Play and Apple App Store, are eligible for a loyal customer discount. When you create a Codebook Cloud account using Codebook on one of these devices where you had previously paid for the app, you will be presented with a discount offer on the subscription sign-up screen.

Do I need to purchase a subscription for each device I own?

Certainly not! When you purchase a Codebook Cloud subscription, either through our own store (run by FastSpring), Google Play, or the Apple App Store, your subscription becomes active immediately on all devices where you are signed into the same Codebook Cloud account.

Does Codebook require a subscription too?

No. Codebook itself is free to download, a subscription is only required to use the Codebook Cloud sync service.

Do I have to use Codebook Cloud?

No, no one has to use Codebook Cloud to use Codebook, and we have no plans to require it.

Are the other sync services going away?

No, the other sync services that Codebook supports (Desktop WiFi, Dropbox, Google Drive, and Local Folder) are still available as they were before, though we've made some improvements and fixed some bugs.

Will Automatic Sync be Added to the Other Sync Services?

No, automatic background sync is only available through Codebook Cloud.