Back to Blog

What Is a Decoy Password and Why Your Vault App Needs One

A decoy password opens a fake vault filled with harmless content, giving you plausible deniability if someone forces you to unlock your phone. Learn how this critical privacy feature works and which apps offer it.

Imagine someone demands that you unlock your vault app. Maybe it is a nosy acquaintance, a controlling partner, or a border agent. You comply, type in a PIN, and the app opens to reveal a handful of ordinary, harmless photos. The person is satisfied and moves on. What they do not realize is that the real vault, containing your genuinely private files, remains completely hidden behind a different passcode. This is the power of a decoy password.

How a Decoy Password Works

A decoy password is a secondary passcode that opens an alternate version of your vault. The app maintains two separate storage spaces:

  • The real vault: Opened by your primary passcode, containing your actual private files.
  • The decoy vault: Opened by the secondary passcode, containing whatever harmless content you choose to place there.

From the outside, both vaults look identical in terms of interface design. There is no visual cue, no asterisk, no subtle difference that would tell an observer they are looking at the decoy rather than the real vault. The only thing that determines which vault opens is the passcode entered at the login screen.

Setting Up a Convincing Decoy

The effectiveness of a decoy vault depends entirely on how convincing it looks. A completely empty vault is suspicious. A vault with a few mundane photos, a couple of documents, and maybe some saved bookmarks looks like a vault that someone actually uses. Best practices include:

  • Adding 10 to 20 casual photos that are private enough to justify a vault but not sensitive.
  • Including a document or two, such as a scanned receipt or a saved password list with dummy entries.
  • Updating the decoy periodically so the "last modified" dates look current.
  • Choosing a decoy passcode that you can type naturally under pressure without hesitation.

Real-World Scenarios Where Decoy Passwords Matter

Relationship Privacy

Healthy relationships include personal boundaries, but not everyone respects them. A decoy vault allows you to satisfy a partner's curiosity without surrendering your genuine privacy. You can show the vault is "just a few old photos" and move on without conflict.

Border Crossings and Device Inspections

In some countries, authorities can request access to your device during border crossings. While legal frameworks vary, having a decoy vault means you can comply with an inspection request without exposing confidential business documents, private communications, or personal content.

Workplace and Shared Devices

If your employer has policies that allow device inspection, or if you share a tablet with family members, a decoy vault provides a clean, believable layer of content while your actual private files remain inaccessible.

Safety Situations

For individuals in abusive situations, a decoy vault can be life-saving. Evidence, emergency contacts, and sensitive documents can be kept in the real vault while the decoy satisfies an abuser's surveillance.

Which Vault Apps Offer Decoy Passwords?

Not all vault apps include this feature. Here is a comparison of popular options:

  • Stash: Secret File Vault — Full decoy vault with separate storage. Both vaults are AES-256 encrypted. The decoy is indistinguishable from the real vault. Also includes intruder detection as an additional safety layer.
  • Keepsafe — Offers a "fake PIN" feature in the premium tier that shows a limited decoy album. However, the decoy is less customizable and the main vault is cloud-synced.
  • Calculator+ — No decoy vault feature. Single passcode only.
  • Private Photo Vault — Offers a decoy mode in the paid version, but limited to photo content only.
  • Folder Lock — Includes a "decoy mode" but user reviews report inconsistent behavior and occasional bugs.

Decoy Password vs. Other Privacy Features

A decoy password is just one piece of a comprehensive privacy strategy. It works best when combined with other features:

  • Disguise mode: The app itself looks like a calculator, fitness tracker, or music player. Even finding the vault requires knowing it exists.
  • Intruder detection: If someone tries to brute-force your passcode, the app captures a silent selfie. Combined with a decoy, this means an attacker might think they succeeded while the app logs their face.
  • AES-256 encryption: Even if someone bypasses the app entirely and accesses your device's raw storage, the files are encrypted and unreadable.
  • On-device storage: No server means no subpoena target, no data breach risk, and no third party with access to your content.

How to Enable a Decoy Vault in Stash

Setting up a decoy vault in Stash takes about a minute. Open the app settings, navigate to the Decoy Vault section, and choose a secondary passcode. Then switch to the decoy vault and add your harmless decoy content. From that point forward, entering the decoy passcode at the login screen opens the decoy, while your primary passcode opens the real vault. It is that simple.

A decoy password is not a luxury feature. For anyone who takes personal privacy seriously, it is a necessity. Download Stash from the App Store and set up your decoy vault in under a minute.

Try Stash for Free

AES-256 encryption. 3 disguise modes. Decoy vault. Intruder detection. No data leaves your device.

Download Stash Free