Skip to content

PIN and Recovery

This page covers the operational side of the PIN. For the concept and threat model, see PIN and Privacy.

Changing your PIN

From Account > Privacy > PIN:

  1. Tap Change PIN.
  2. Enter the current PIN.
  3. Enter the new PIN twice.
  4. Confirm.

The app then:

  • Decrypts your ciphertext with the old key.
  • Re-encrypts with the new key.
  • Sends the new ciphertext to the server.
  • Updates the cached key on this device.

If the new PIN does not match its confirmation, nothing changes. If the current PIN you entered is wrong, the operation refuses.

The cached key

Once you sign in and unlock with your PIN, the derived key is cached in your browser's IndexedDB so you don't have to re-enter the PIN on every page load.

  • Maximum cache lifetime: 7 days.
  • The cache is per-browser. A new device or browser asks for the PIN again.
  • Signing out from the BLINK menu clears the cache on that device.
  • Clearing browser data clears the cache on that device.

If you want a fresh PIN prompt for any reason, sign out and back in.

What happens if you forget your PIN

Your encrypted data is unrecoverable.

Specifically, you lose:

  • All fetish interest levels.
  • The hard limits list.
  • The full inventory (toys, clothing, accessories) and notes.
  • Your personal Domina's personality.
  • Your safe word.
  • Every chat message ever sent or received.

You keep:

  • The account itself.
  • Your tier, role, Charm balance.
  • Your level and XP.
  • Session metadata (title, difficulty, date) and summaries.
  • Generated images and AI Studio images.

The unencrypted side of the account is still useful, but the rest is gone.

Forgot-PIN flow

There is no "Forgot PIN" button by design. The server cannot help you because it cannot read the data. If you have truly lost the PIN, the best path is:

  1. Open Account > Privacy > Reset Encrypted Data.
  2. Acknowledge the warning.
  3. The app discards all encrypted blobs on the server.
  4. You set up a new PIN as if you were onboarding again.
  5. You re-enter fetishes, hard limits, inventory, Domina personality, and safe word.

This is destructive but does not delete your account. Sessions and billing carry over.

Switching devices safely

If you are about to sign in on a brand-new device:

  • Make sure you remember the PIN.
  • The new device will prompt for it on first unlock.
  • Once unlocked, the new device caches a key (good for 7 days on that device).

There is no "trust this device" prompt - the PIN is the trust signal.