Technical Overview

A high-level view of how StayLogged handles encrypted sync, account authentication, and browser scope control.

Overview

StayLogged is built around a browser extension client and a hosted sync service. The product is designed to keep supported browser sessions available across your own browsers without turning the public website into a promise of a third-party developer API.

Authentication

Account sign-in is built around OPAQUE, which allows password-authenticated login without sending your password to the server as reusable plaintext. The browser extension uses that authenticated session to establish the encrypted transport needed for sync and account operations.

Encrypted Sync

Cookie payloads are encrypted on the client before upload. The hosted service stores encrypted sync material and coordinates delivery, while decryption remains tied to your authenticated client state.

Scope Control

StayLogged supports whitelist and blacklist sync rules so you can decide which domains should participate in sync. The intended setup path is to begin with a small set of trusted domains and expand only after you confirm the workflow matches your needs.

Technical Areas

Sync Flow

Browser session changes are prepared locally, encrypted, and delivered through the hosted sync path.

Encrypted Storage

The service stores encrypted sync material for recovery, multi-browser continuity, and account-linked access.

Account Security

OPAQUE-backed authentication and protected account flows reduce password exposure during sign-in and recovery.

Rule Management

Whitelist and blacklist domain rules define where sync should apply and where it should stay local.

What This Page Covers

Browser extension and hosted service roles

Which parts of the product run locally, which parts are hosted, and why the hosted service never needs plaintext cookie values.

Account and recovery flows

How sign-in, password changes, and recovery use authenticated account operations instead of exposing a general public API surface.

Domain-based sync rules

How whitelist and blacklist modes help keep sync limited to the sites you actually want to move between browsers.

Security assumptions for evaluation

What you should verify first if you are evaluating StayLogged for sensitive browser workflows or a staged rollout.

Security First

StayLogged uses TLS for transport, encrypts session payloads before upload, and keeps account authentication and sync establishment tied to protected client-side flows. The hosted service is not a public developer API for reading or mutating your session data directly.

Continue with setup and security review

Use the getting started guide for installation, then review security and browser support for the environment you actually use.

Open Getting Started