Sign-in without a number: how the secret phrase works

A phone number ties your account to your identity and relies on SMS, which can be intercepted. Its weak spot is the SIM swap: take over the number, and a stranger can reach the services linked to it.

We didn't want your identity in a messenger to depend on a mobile operator and a single text message. So Koto is built on a different mechanism.

When you create an account, Koto generates 12 words — like the seed phrase of a crypto wallet. Those words are your account: a cryptographic key in a form you can write down and remember.

No email, no number, no form. Just the phrase, which only you hold. Creating an account takes a minute, and you can start chatting right away.

The phrase is generated and stored only on your device. Your encryption keys are derived from it, and they protect your chats. We don't have your phrase, and we can't read your messages.

This isn't a setting you might switch off by accident — it's the architecture: privacy is built into the app's design, not bolted on top.

Moving to a new device? Enter the same 12 words and your account comes with you. No SMS, no support ticket, no tie to your old phone.

That's why it's important to keep the phrase somewhere safe, ideally offline — on paper or in a password manager. We can't recover it for you: that's the whole point of real privacy. And don't screenshot the phrase into a cloud gallery.