Dosel was built security-first. The AI sees the screen. It never sees your passwords.
The data flow
Your device (local)
✓ CSV import
✓ Browser execution
✓ Credential injection
SANITIZATION LAYER
The AI (cloud)
Receives: DOM / Screenshots
Returns: Navigation steps
Never receives passwords
We strip credentials before any data leaves your machine. The AI acts as a navigator — it identifies where the “change password” field is. Our local engine then injects your password directly into the browser using the Chrome DevTools Protocol.
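The split described above, sketched as an added example (this is not Dosel's code): page content is scrubbed of known secret values before upload, the planner's reply carries only a placeholder, and the local side fills it in just before typing. The `<secret>name</secret>` token format, the function names and all sample values are assumptions made for illustration.

```python
import re

# Constructed sample secrets, keyed by the placeholder name the model may see.
SECRETS = {"old_password": "hunter2-constructed", "new_password": "T7#constructed-Example!"}
PLACEHOLDER = re.compile(r"<secret>(\w+)</secret>")  # assumed token format


def sanitize(text, secrets):
    """Replace each secret value with its placeholder before anything is uploaded."""
    # Longest value first, so a secret containing another is replaced whole.
    for name, value in sorted(secrets.items(), key=lambda kv: -len(kv[1])):
        if value:
            text = text.replace(value, f"<secret>{name}</secret>")
    return text


def outbound_is_clean(payload, secrets):
    """Last-line check: refuse to send if any raw secret survived sanitization."""
    return not any(v and v in payload for v in secrets.values())


def resolve(step, secrets):
    """Local only: fill placeholders in a planner step just before typing."""
    def fill(match):
        name = match.group(1)
        if name not in secrets:
            raise KeyError(f"planner referenced unknown secret {name!r}")
        return secrets[name]

    out = dict(step)
    if out.get("action") == "type":
        out["text"] = PLACEHOLDER.sub(fill, out["text"])
    return out


def demo():
    # Constructed DOM snapshot in which the page echoes the current password.
    dom = '<input id="cur" value="hunter2-constructed"><input id="new" type="password">'
    outbound = sanitize(dom, SECRETS)
    if not outbound_is_clean(outbound, SECRETS):
        raise RuntimeError("raw credential in outbound payload")
    # Constructed planner reply: it names the secret, never its value.
    plan = [{"action": "click", "selector": "#new"},
            {"action": "type", "selector": "#new", "text": "<secret>new_password</secret>"}]
    return outbound, [resolve(step, SECRETS) for step in plan]


if __name__ == "__main__":
    print(demo()[0])  # only the sanitized payload is printed
```

Exact-string matching misses encoded forms of a secret (URL-encoded or HTML-escaped text), so a sanitizer of this kind also needs to check those variants. Screenshots need a separate pixel-level mask, since text replacement does not apply to them.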
Three pillars
No vault
Unlike traditional password managers, we do not maintain a cloud database of your data. If our servers were compromised, your data would be safe because we simply don't have it.
Memory wiping
Passwords exist in RAM only during the specific rotation task. Once the password is successfully changed, references are cleared from memory and garbage collected immediately.
The kill switch
The browser is not headless by default. You watch every click. If the agent tries to do something you don't like, you can hit stop or close the window instantly.
Local-first architecture
Your passwords are encrypted and stored on your Mac. They never touch our servers — because we don't have servers for your data. This isn't a feature; it's our architecture.
Your Mac → Encrypted vault → Your Mac. That's it.
Zero-knowledge design
We can't read your passwords even if we wanted to. Your master password derives an encryption key locally using Argon2id. The key never leaves your device.
Encryption
AES-256-GCM
Argon2id key derivation
Per-entry random IVs
Memory-hard against brute force
AI agent sandboxing
The AI agent runs in a sandboxed browser environment on your Mac. It can only interact with password change forms. Network access is limited to the target site. No data exfiltration is possible.
Open source roadmap
We're working toward open-sourcing Dosel's core encryption and agent sandboxing modules so you can verify our security claims yourself.
Technical FAQ
Does the AI see my password?
No. The AI generates the action plan (e.g., "Click the button with ID #login"). The actual typing is handled by a local engine using a sensitive_data parameter, which ensures the LLM never receives the text string of your password.
Where are the logs stored?
Logs are stored locally on your machine at ~/Library/Application Support/dosel/logs/. We apply strict regex redaction to ensure no credentials appear in these logs. You can delete them at any time.
Is the app notarized?
Yes. The application is code-signed with an Apple Developer ID and notarized by Apple to ensure it has not been tampered with and contains no known malware.
What happens if the browser crashes mid-change?
We use a write-ahead safety net. The new password is written to a local recovery log (with 600 permissions, readable only by you) before we attempt to submit it to the website. You will never be locked out of an account due to a crash.
Can the AI see my screen?
It sees only the browser window during the password change task. Screenshots are sanitized with passwords already redacted.
What if I have 2FA?
The app will pause and prompt you to enter the 2FA code manually. We never handle or store 2FA tokens.
How is this different from a password manager extension?
Extensions store your vault in the cloud. Dosel executes locally and never stores passwords anywhere.
Do you use headless browsers?
No. You see every action in real time. The browser window is visible by default so you maintain full control.