Answers to common questions about dotenvar.

Can dotenvar staff read my secrets?

No. Secrets are encrypted in your browser before being sent to the server. The server only stores ciphertext. Without your passphrase, there is nothing to read.

What happens if I forget my passphrase?

There is no recovery path. Because your passphrase never leaves your device, we have no way to reset or retrieve it. If you lose it, access to your secrets is permanently lost. Write it down somewhere safe.

Can I share secrets with teammates?

Yes. Sharing is a first-class feature in dotenvar. You can share individual secrets or entire Groups with other dotenvar users and choose View or Edit permissions.

Is there an undo if I delete something?

Deleted secrets cannot be recovered — deletion is permanent. Secret values do have version history, so if you edited a value you can go back to a previous version. But if you delete the secret itself, it is gone.

Does dotenvar work on mobile?

A dedicated mobile app is coming soon. For now, the web app works in a mobile browser but is optimised for desktop use.

How is dotenvar different from a general password manager?

dotenvar is designed specifically for developers managing environment variables, API keys, and configuration secrets — not personal logins. The hierarchical structure, bulk import, .env export, and versioning features are all built around developer workflows.

Is dotenvar free?

dotenvar is free to get started. Additional features and higher usage limits are available on paid plans.

Where is my data stored?

Your secrets are stored on our backend servers in encrypted form. All encryption and decryption happens client-side in your browser. We never see the plaintext.

FAQ