FAQ.

What is Locktab?

Locktab is a free Chrome extension that locks browser tabs for privacy when sharing a device. Four choices, each independent:

What you lock: a single tab, or an entire domain.
When it locks: manually (click or Alt+L), every visit to a domain, when you switch tabs, or auto-relock after 1, 5, or 15 minutes.
What it looks like: a blurred overlay (light / medium / heavy), or a decoy page (fake Google, Twitter, YouTube, error screen, etc.).
How you unlock: drag the lock icon, or type a password.

Mix and match however you want. Lock your banking tab with a password and a fake Google decoy, set to re-lock after 5 minutes. Auto-lock Twitter on every visit with a drag-to-unlock and a medium blur. Your call.

Is Locktab free?

Yes, completely free. No ads, no tracking, no premium tier.

Is Locktab secure?

Locktab is tamper-evident, not tamper-proof. The only real ways to bypass it are to disable or uninstall the extension — and both leave obvious evidence:

Disabling requires going to chrome://extensions — the extension just disappears from the toolbar. Anyone who does this is making a visible, deliberate choice.

Uninstalling wipes local settings, but Locktab stores your install date in Chrome's sync storage. On reinstall, it detects the mismatch and shows a "Reinstalled" warning in the popup with the original install date.

DevTools bypass is actively defended. While locked: F12 and other DevTools shortcuts are blocked, right-click is disabled on the overlay, and a MutationObserver watches for DOM tampering — any attempt to delete the overlay triggers re-injection and a tamper flag that shows in your access log and popup.

What Locktab is not: it's not encryption. The page data behind the overlay still exists in the tab. For protecting sensitive data against a sophisticated attacker with physical access, use OS-level user accounts, full-disk encryption, or dedicated security software. See our Terms for full disclosure.

What data does Locktab collect?

Absolutely nothing. All your settings stay on your device in local browser storage.

The extension makes no outbound network requests. No analytics, no tracking, no third-party SDKs. See our Privacy Policy for details.

How do I install Locktab?

Install directly from the Chrome Web Store. Once installed, pin the extension to your toolbar for quick access.

You can also load it unpacked for development: go to chrome://extensions, enable Developer mode, click "Load unpacked", and select the extension folder.

How do I lock a tab?

Three ways:

1. Click the extension icon in your toolbar and hit "Lock this tab."

2. Press Alt + L as a keyboard shortcut.

3. Enable auto-lock for a domain so it locks automatically every visit.

What's the difference between drag and password mode?

Drag mode — a quick way to unlock by dragging the lock icon into a circle. Good for focus mode or when you just want to hide a tab from a quick glance.

Password mode — requires typing a password. Your password is hashed with SHA-256 before being stored locally. Includes a 5-attempt lockout with 60-second cooldown to prevent brute-forcing.

What are decoy screens?

Instead of a blurred overlay that screams "something is hidden here," decoy screens show a fake page — a Chrome error page, fake Google homepage, fake weather site, fake Twitter feed, etc.

Anyone glancing at the screen just sees a normal (or broken) page. To unlock, triple-click anywhere and the real unlock prompt appears on top.

Auto-match mode picks the best decoy for each site automatically. Manual mode lets you pick one theme for everything.

Can I add my own decoy pages?

Yes — the decoy system is modular and open. Each theme is a single JavaScript file under the extension's decoys/ folder.

To add one:

1. Create decoys/yourtheme.js with a builder function.
2. Register it with registerDecoy() — specify which domains it auto-matches.
3. Add the file to manifest.json and reload the extension.

Full walkthrough with code examples is in the decoys/README.md file inside the extension source.

How do I reset my password?

Locktab does not store plaintext passwords and cannot recover them. This is by design — if we could recover your password, so could anyone with access to the extension files.

To reset: uninstall and reinstall the extension. This clears all settings including your password.

Your install date tracks whether someone reinstalled the extension, so if you see a "Reinstalled" warning in the popup, that's how to spot it.

What's the access log?

Every unlock attempt is logged — successful, failed, and tamper events. You can view the last 50 entries in the extension's Settings page under "Activity."

Useful for catching anyone who's been trying to guess your password while you were away.

Why doesn't it work on Reddit in Microsoft Edge?

Microsoft Edge specifically blocks content script injection on www.reddit.com. This is an Edge-level restriction — not something Locktab can override.

Workarounds: use old.reddit.com (works fine in Edge), or use Chrome for new Reddit.

Does Locktab work on Chrome, Edge, Brave, etc.?

Yes, Locktab works on any Chromium-based browser — Chrome, Edge, Brave, Vivaldi, Opera. Firefox is not currently supported.

How do I report a bug or request a feature?

Email hi@locktab.app with details. Include your browser, OS, and steps to reproduce if it's a bug.