Last updated 2026-04-07

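Zero-Knowledge Security

Your password never leaves your device. We use smart cryptography to verify you without ever seeing your password, which is the most secure way to protect your account.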

[Diagram: Zero-Knowledge Auth. Your Device: Password → Argon2id → HKDF derivation. Password never leaves device.]

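What is zero-knowledge?

When you log in to most websites, your password travels over the internet to the server. Even though it is encrypted in transit, the server can still see your password.

With zero-knowledge, your password stays on your device. Instead, we use smart math to prove that you know the password without sending it.

Regular login

You show your ID to enter a building

Zero-knowledge login

You prove you know a secret handshake, but never reveal what it is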

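Why use zero-knowledge?

Password is never sent

Even if hackers are watching your internet connection, they cannot steal your password, because it is never transmitted over the network.

We cannot see it

Even anonym.legal employees cannot see your password. Your credentials stay completely private.

Better protection

If our servers are breached, your password is still safe. We store only mathematical proofs, not passwords.

24-word recovery

If you forget your password, you get special recovery words to regain access. No need to call support: you control your account.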

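How it works

4 simple steps of zero-knowledge authentication

  1. Create a password. You create your password on your device.
  2. Generate a secret key. Your device uses special math to create a secret key from your password.
  3. Send the proof. Only the mathematical proof is sent to us, never your password.
  4. Verify. We verify the proof, so we can confirm it is you without seeing your password.

It is like having a lock to which you hold the only key, while we only check that your key works.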

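Your 24-word recovery phrase

When you enable zero-knowledge, you receive 24 special words. These words are the master key to your account.

What are these words for?

  • Recovering your account if you forget your password
  • Regaining access if you lose your device
  • Logging in on a new computer

Do

  • Write them down on paper
  • Store the paper in a safe place (such as a locked drawer)
  • Consider keeping backup copies in different secure locations

Never

  • Take a photo of them
  • Save them on your computer
  • Send them by email or text message
  • Share them with anyone

Why 24 words?

  • Words are easier to write down correctly
  • Words are easier to read and verify
  • 24 words provide extremely strong security

Important

Without your recovery phrase, we cannot help you get back into your account. This is by design: zero-knowledge means we cannot access your password or keys.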

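Works everywhere

Zero-knowledge protection is available on all anonym.legal platforms

Technical details

For the security-conscious

Argon2id key derivation

A memory-hard algorithm that makes password guessing extremely slow, even with specialized hardware.

XChaCha20-Poly1305

The same authenticated encryption used by security experts worldwide, providing maximum protection.

No password storage

We never store your password in any form, whether encrypted, hashed, or otherwise.

Constant-time verification

Security checks take the same time regardless of input, preventing timing attacks.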

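Frequently asked questions

Can anonym.legal employees see my password?

No. That is exactly the point of zero-knowledge! Your password is processed on your device. We receive only the mathematical proof, not the actual password.

What if anonym.legal is hacked?

Your password is still safe! Hackers would find only mathematical proofs, not passwords. Without your actual password, they cannot access your account.

Is zero-knowledge harder to use?

No! You will not notice any difference when logging in. The only extra step is saving your 24-word recovery phrase when you first set up your account.

Can I turn zero-knowledge off?

Zero-knowledge is enabled by default to protect you. We recommend keeping it enabled for the best security.

What happens if I change my password?

When you change your password, your device creates a new secret key and you receive a new 24-word recovery phrase. Your old recovery phrase stops working, so save the new one right away!

After the LastPass breach, how can I verify that a vendor uses true zero-knowledge encryption?

anonym.legal uses Argon2id key derivation (64MB memory, 3 iterations) that runs entirely in the browser; the server never receives your password or encryption keys. AES-256-GCM encryption happens before data leaves your device. Even a full server breach would yield only encrypted blobs, without the keys to decrypt them.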

Technical Appendix

Cryptographic parameters and protocol details for security auditors and developers.

Cryptographic Parameters

| Component | Algorithm | Parameters |
|---|---|---|
| Password Hashing | Argon2id | Memory: 64 MB, Iterations: 3, Parallelism: 1, Salt: 16 bytes, Output: 32 bytes |
| Symmetric Encryption | XChaCha20-Poly1305 | AEAD, 256-bit key, 24-byte nonce (random per operation) |
| Key Derivation | HKDF-SHA256 | Master Key → Auth Key + Encryption Key (domain separation) |
| Recovery Phrase | BIP39 | 256-bit entropy, 24 words, 2048-word wordlist |
| Random Number Generation | CSPRNG | crypto.getRandomValues (browser), libsodium.randombytes_buf (native) |

Key Derivation Chain

User Password (never transmitted)
  → Argon2id (64MB, 3 iterations, salt)
  → Master Key (32 bytes)
      → HKDF("auth") → Auth Key (sent to server for verification)
      → HKDF("enc") → Encryption Key (never leaves device)

Protocol Flow

Registration

  1. Client generates random salt (16 bytes)
  2. Client derives Master Key via Argon2id(password, salt)
  3. Client derives Auth Key and Encryption Key via HKDF
  4. Client sends Auth Key + salt to server (password never sent)

Login

  1. Client requests salt from server (by email)
  2. Client re-derives Master Key via Argon2id(password, salt)
  3. Client sends Auth Key; server verifies with timing-safe comparison
  4. Server issues JWT session token; Encryption Key stays on device
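
The registration and login steps above, as an added Python example that is not anonym.legal's code. Assumptions: `hashlib.scrypt` stands in for Argon2id, which the standard library lacks (so the page's 64 MB, 3 iterations and parallelism 1 do not apply to it), HKDF runs with an empty salt and the info labels "auth" and "enc", and `Server`, `derive_keys`, `client_register` and `client_login` are hypothetical names.

```python
import hashlib
import hmac
import os

def hkdf_sha256(ikm, info, length=32, salt=b""):
    """HKDF (RFC 5869) with SHA-256: extract a PRK, then expand it under `info`."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_keys(password, salt):
    """Password -> Master Key -> (Auth Key, Encryption Key)."""
    # Assumption: scrypt stands in for Argon2id, which the stdlib lacks.
    master = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)
    # Domain separation: same Master Key, different HKDF info labels.
    return hkdf_sha256(master, b"auth"), hkdf_sha256(master, b"enc")

class Server:
    """Hypothetical in-memory server: it only ever receives salt and Auth Key."""
    def __init__(self):
        self.users = {}

    def register(self, email, salt, auth_key):
        self.users[email] = (salt, auth_key)

    def get_salt(self, email):
        return self.users[email][0]

    def login(self, email, auth_key):
        stored = self.users[email][1]
        return hmac.compare_digest(stored, auth_key)  # timing-safe comparison

def client_register(server, email, password):
    salt = os.urandom(16)  # 16-byte random salt, as in registration step 1
    auth_key, enc_key = derive_keys(password, salt)
    server.register(email, salt, auth_key)
    return enc_key  # stays on the device

def client_login(server, email, password):
    salt = server.get_salt(email)
    auth_key, enc_key = derive_keys(password, salt)
    return server.login(email, auth_key), enc_key
```

In this flow the Auth Key is the value the server compares, so the stored record is login-equivalent and needs the same protection as a password hash. The Encryption Key is a separate HKDF output and cannot be computed from the Auth Key.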

Cross-Platform Compatibility

| Platform | Crypto Library | Argon2id Parallelism |
|---|---|---|
| Web App (Browser) | libsodium.js (WebAssembly) | 1 |
| Desktop App (Tauri) | rust-argon2 + libsodium.js | 1 |
| Office Add-in | libsodium.js (WebAssembly) | 1 |

Parallelism is set to 1 across all platforms to ensure cross-platform compatibility. A key derived on any platform works on all others.

Protect your account now

Create an account with zero-knowledge security. Your password always belongs to you.
