Last updated: May 13, 2026
Security
Welcome to ClipGarage. This is an overview of how the security measures are handled from our end.
A word from the builders
ClipGarage was built around a pretty simple idea: your clipboard can contain a lot of sensitive information, and that information should stay under your control.
Every day, people copy passwords, API keys, payment details, wallet addresses, internal documents, client notes, screenshots, prompts, and private conversations without even thinking about it. Most clipboard tools treat all of that the same way. We didn’t want to build something that felt invasive or risky to use long term.
Your clips are primarily stored locally on your device, not sitting openly on some cloud dashboard waiting to be accessed. For syncing and cross device access, ClipGarage uses encrypted communication and encrypted storage methodologies so the app can securely recognize and restore your clipboard history when needed. The important part is this: the actual access to your synced data depends on a recovery or access key generated through your settings. Without that key, your synced clipboard data is not practically usable by anyone else, including us.
ClipGarage also automatically detects certain sensitive data types like passwords, payment methods, API keys, tokens, environment variables, and similar information. These clips stay locked by default inside the app. During onboarding, you can create your own PIN to unlock and access them whenever needed.
On top of that, you are not limited to only automatic protection. You can manually lock individual clips, boards, or sensitive information with your own PIN anytime you want. This adds another layer of protection in situations where you share screens, work in public spaces, or simply want additional privacy around certain content.
We also believe privacy should not come at the cost of usability. So instead of making security feel complicated, ClipGarage keeps it lightweight in the background while still giving you direct control over your data, access, visibility, and device syncing.
At the end of the day, ClipGarage is designed to behave less like a cloud storage platform and more like a secure extension of your own workspace. Your copied content stays accessible to you, organized for your workflow, and protected in a way that still feels practical for everyday use.
How the Encryption Works
When you enable cloud sync:
A random 256-bit Data Encryption Key (DEK) is generated on your device.
The DEK is stored in your macOS Keychain — it never leaves your device in plaintext.
A Recovery Key (32 random bytes, displayed as a 64-character hex string) is generated and shown to you once. You must save it. A cryptographic hash of a wrapping key derived from your Recovery Key is stored on our servers alongside an encrypted copy of the DEK — allowing you to restore access from a new device.
Every clipboard item is encrypted with AES-256-GCM on your device before upload.
Only the encrypted ciphertext and a nonce (initialization vector) are transmitted to our Supabase backend.
We, at ClipGarage hold no keys. We cannot decrypt your synced clipboard data under any circumstances — not even in response to a legal request. The cryptographic design enforces this technically.