Changing Your Master Password

Update your vault's primary password

Overview

Your master password is the key to your encrypted vault. Change it if you think it’s been compromised, or to upgrade to a stronger password.

When to Change Your Master Password

Consider changing if:

  • You suspect someone may know it
  • You’ve used it on an untrusted device
  • It doesn’t meet current security recommendations
  • You’ve shared it (even with someone you trust)
  • It’s been a long time since you last changed it

Steps to Change

  1. Log in to the web vault at vault.heimlane.io
  2. Click your profile icon in the top right
  3. Select Account Settings
  4. Under Master Password, click Change Master Password
  5. Enter your current master password
  6. Enter your new master password
  7. Re-enter the new password to confirm
  8. (Optional) Update your master password hint
  9. Click Change Master Password

What Happens When You Change It

  1. Your vault is decrypted with the old password
  2. New encryption keys are derived from your new password
  3. Your vault is re-encrypted with the new keys
  4. The new encrypted vault syncs to all devices

Important: Other logged-in sessions will be logged out and need to use the new password.

Choosing a New Master Password

Requirements:

  • Minimum 12 characters (we recommend 14+)
  • Should be unique - never used anywhere else

Tips for a strong password:

  • Use a passphrase: correct-horse-battery-staple
  • Mix words with numbers and symbols
  • Make it memorable but not guessable
  • Avoid personal information (names, dates, etc.)

After Changing

  • All devices will need to log in with the new password
  • Update your password hint if needed
  • Write down the new password and store securely (temporarily)
  • Practice typing it a few times to memorize

Troubleshooting

Problem: Forgot new password immediately

Solutions:

  1. Use the password hint you set
  2. Try any passwords you commonly use
  3. If 2FA is enabled, you’ll still need the master password
  4. Contact support only as last resort (limited help due to zero-knowledge)

Problem: Can’t log in after changing

Solutions:

  1. Clear browser cache and cookies
  2. Try the web vault directly (not extension)
  3. Ensure you’re using the new password
  4. Check caps lock

Problem: Old sessions still work

Solutions:

  1. Sessions remain valid until they time out
  2. You can log out all sessions in Account Settings
  3. Change password again if concerned about security

Tips

  • Never share your master password with anyone
  • Don’t store it in plain text on your computer
  • Consider a physical backup in a secure location
  • Set a memorable but secure password hint
Back to Vault Help