AES-256 zero-access encryption, explained
Your email content and login tokens are encrypted with AES-256-GCM before they are stored, using a key derived just for your account with PBKDF2-SHA256 at 100,000 iterations. We call this zero-access, because it means MailOver cannot read your mail.
What zero-access means
Zero-access is the term we use for how your data is stored. Your email content (subjects, bodies, and snippets), along with the login tokens that connect your inbox, is encrypted before it ever touches our database. The encryption is built so that your account is the thing that unlocks your data. MailOver cannot quietly read your mail, and our staff cannot open it.
That word, zero-access, is the same one our security documentation uses. It is a promise about what the system can and cannot do, not just a policy we ask you to trust.
The encryption, in plain terms
Here are the actual pieces, named the way an engineer would name them.
What is encrypted
Two things in particular are encrypted before storage: your email content, meaning the subject lines, bodies, and snippets we sync, and the OAuth tokens that keep your inbox connected. Both are scrambled at rest, so a stolen database file is just noise without your key.
Encryption is on by default for every account. There is nothing to turn on, and no setting that weakens it. For the rest of the picture, see "Is my email private?" and "Does MailOver train AI on my email?"