Yoheim makes it really simple for you to manage and share access with boss level security.
While yoheim makes collaboration easy, in the background it has end to end encryption mechanism for your private keys or passwords that would be typically impossible to decrypt by the attackers. The identities and other resources are both encrypted at rest and while transfer. With end-to-end encryption, only the user who has the access to it can decrypt.
So how do we do that?
Whenever a user creates an account with yoheim, and in your client, an asymmetric key is generated in the background, the public key is shared with yoheim’s servers but the private key remains with the user, and it’s prompted to the user to safely and securely backup the private key. All the resources that are created or shared are encrypted on the client-side, with which even yoheim’s servers won't be able to decrypt it.
What do we encrypt?
Folders: In the folder, we encrypt the name of the folder.
Servers: We encrypt the name, host, port, and description of the server.
Identities: We encrypt the name, private key, password of the identity.
What we do not encrypt?
Team information and project information. Both the team name and project name aren’t encrypted to keep so that we can use that information to keep you and your team updated with regards to anything.
Can people at yoheim gain access to the server?
NO, Definitely not as mentioned above every data point is encrypted on the client-side and it is impossible to decrypt without the private key that solely remains with the account holder i.e. the user.