"Your Vault Key: viewing and downloading it"
Your Vault Key is a long, one-time-generated string that protects the most sensitive personal details in your account: your customers' and team's names and contact details, claim and adjuster detai…
On this page
What the Vault Key protects
Your Vault Key is a long, one-time-generated string that protects the most sensitive personal details in your account: your customers' and team's names and contact details, claim and adjuster details, street addresses, and free-text records. It is mixed together with your password to unlock the encryption key that actually reads and writes those fields. Verinode does not store the Vault Key itself in a form we can read: the wrapped copy on our servers needs your password to mean anything.
This is not a password you type in every day. It is a durable recovery artifact, the same idea as a 1Password Secret Key: something you save once, put somewhere safe, and only need again if you ever forget your password and have to prove it is really you asking to get back in. The rest of your account (jobs, findings, benchmarks, settings) is unaffected either way, this key only guards the narrow set of encrypted personal-detail fields described above.
Note
Verinode is honest about what this does and does not mean. Your password protects your day-to-day sign-in. Verinode's automated systems decrypt these fields only to do the work you ask for, and every access is logged. This is not a claim that no system anywhere can ever touch the data; it is a claim that no other operator, franchise, or carrier can read it, that we never sell it, and that no Verinode employee can browse or export it through any tool we operate. See understanding your margin for how your financial figures stay in a database that is yours alone, sold to no one.
Where to find it
Two doors lead to the same reveal. Both start from Settings (open Settings from the sidebar; an old /profile link redirects here automatically).
1. Sign-in & Security. In the Account group, click Sign-in & Security (subtitle "Password, 2FA, Vault Key"). Direct route: /settings/security. The page stacks Change Password, Two-Factor Authentication, and a Vault Key section, in that order, with View Vault Key and Download Verinode Membership buttons.
2. Membership & Billing. In the Membership group, click Membership & Billing. Direct route: /settings/membership. Near the top of the page sits your membership card, the credit-card-shaped panel with your business name, member numbers, and Intelligence Unit balance. A small gold key chip sits center-left on the card, echoing the chip on a real credit card. Click (or tap) that chip to start the same reveal flow.
Both entry points open the identical password-confirmation step and the identical revealed key. Use whichever page you happen to be on.
Revealing it
Clicking View Vault Key (on Sign-in & Security) or the gold key chip (on Membership & Billing) opens a small dialog titled "Confirm your password to view your Vault Key." Its body reads: "Your data is yours. We don't store this key in a form we can read. Confirming your password unlocks it on this device for 30 seconds."
- 1Type your current account password into the single password field. This is a fresh re-authentication, separate from however you are already signed in.
- 2Click Show Vault Key (primary button) to reveal it in place, or Download Verinode Membership (secondary button) to skip the on-screen reveal and go straight to a PDF. Cancel closes the dialog without doing either.
- 3On Show Vault Key, the dialog itself flips to show the key: a monospaced string in six groups of five characters (for example
A4F82-H6C9K-QRMN3-TXYZ7-W8DPV-K2L4M), with the label "Fingerprint" and the last group of five characters underneath it (the fingerprint is a safe-to-show short form of the key used elsewhere, like on a Wallet pass, without exposing the whole thing). - 4A Copy button sits beside the key; clicking it copies the full formatted key to your clipboard and the button briefly reads "Copied" before reverting.
If you typed the wrong password, the dialog stays open and shows an inline error. The first wrong attempt is a plain message with no penalty. On the third wrong attempt within five minutes, the dialog locks with a message naming the time you can try again, and a failed-attempt entry writes to your account's access history, plus a security notice email to your primary contact address. This lockout exists so a captured password alone still cannot brute-force the reveal.
The 30-second auto-hide
Once revealed, the key does not stay on screen. A line at the bottom of the reveal reads "Hides in Ns", counting down from 30 seconds. When it hits zero, the dialog closes on its own and the key is gone from the screen; you would need to confirm your password again to see it a second time.
The reveal also disappears early in two other cases: if you switch away to another browser tab or application (the countdown does not wait for you to come back), or if you click the Hide button yourself. All three paths exist for the same reason: the key is sensitive enough that it should never sit visible on an unattended screen.
If you need more than 30 seconds to copy the key down by hand, use Copy immediately after the reveal appears, or download the PDF instead, since the document itself has no timer.
Downloading the Verinode Membership document
Download Verinode Membership on the password dialog (or the equivalent button on Sign-in & Security) skips the on-screen reveal and generates a PDF instead: your Verinode welcome letter, an image of your membership card, and the Vault Key printed in full, plus what to do if you ever lose it. The file downloads with a name like verinode-membership-{your-business}-{date}.pdf.
The PDF is generated fresh every time you click, on demand. It is never stored on Verinode's servers, never cached, and never emailed to you, the only copy that exists afterward is the one that lands in your downloads folder. Save that file somewhere durable: a password manager, a printed copy in a safe, or both.
Who can reveal it
Every authorized person on your account (up to the seat limit on Premier memberships) can read and write their own encrypted data day to day, that access is not restricted. Revealing the master Vault Key itself, the printed, recoverable form of it, is different: only the account holder (your account's designated billing contact) can do it.
If you are on a multi-membership account and are not the account holder, the Vault Key section on Sign-in & Security shows this instead of the View/Download buttons:
Your account holder holds the recovery Vault Key. You have full access to your encrypted data. To view or download the Vault Key itself, ask your billing contact.
The same restriction applies to the key chip on the Membership & Billing card: on a non-account-holder seat, the chip stays decorative (not clickable) and the same explanatory line appears underneath the card instead. This is a single-person gate by design: the Vault Key is a recovery instrument, and having exactly one clear owner for it (the same person who owns billing) keeps that recovery path unambiguous. If your account somehow has no billing contact on file, an admin seat can reveal it as a temporary safety net, so no account is permanently locked out of its own recovery key.
If you have not set up a Vault Key yet
Accounts created before this feature shipped may not have a Vault Key yet. In that case, the Vault Key section on Sign-in & Security shows a "Set up your Vault Key" button instead of View/Download. Clicking it expands a password field inline; confirming your password generates your key on the spot, and it displays immediately in the same 30-second reveal described above, with a reminder to save it somewhere durable. After that, the View and Download buttons take its place for every future visit.
Best-practice example
The day you notice the Vault Key section in Settings, download your Verinode Membership document once and put it somewhere durable, a password manager entry or a printed copy in a safe. You should not need to open the reveal dialog again unless you lose that document: if you ever forget your password, the password-reset flow asks for the Vault Key from this document alongside your new password, and your encrypted data stays exactly where it was. If you are the account holder on a multi-membership account, treat this as a one-person responsibility, your teammates keep full day-to-day access to their own encrypted data regardless.
Related reading
- Your Profile & Settings: an overview
- Your personal profile: name, photo, and details
- Connecting your data
- Understanding your margin
Data sources
- 1.Your account's Vault Key, wrapping, and access history. Verinode security infrastructure.
- 2.Your membership, billing contact, and Intelligence Unit balance. Verinode billing system.