LMN8 is one privacy app with three features: Zero permanently and irrecoverably erases sensitive data, Encrypt seals files in on-device vaults, and SOS shares your location only with people you trust. Zero uses cryptographic erasure — it encrypts your data and destroys the key — before overwriting and verifying it.

Is the data really irrecoverable after using LMN8?

Yes, LMN8 uses advanced data sanitization methods that make data irrecoverable. Once data is deleted using LMN8, it cannot be retrieved through any means.

What platforms does LMN8 support?

LMN8 is currently available for Windows and Android devices. More platforms are coming soon.

Is LMN8 GDPR compliant?

Yes, LMN8 helps organizations comply with GDPR and other data protection regulations by ensuring complete and verifiable data destruction.

About LMN8 · One app, three features

One app for the data you keep, hide, or end.

Name: LMN8
Rating: 4.8 (100 reviews)
Author: LMN8

LMN8 is a privacy company first. We build one app around a single idea: your data should answer to you and no one else. Three features carry that out — Zero ends data for good, Encrypt keeps it unreadable to everyone but you, and SOS shares where you are only with the people you trust.

No copies on our servers. No keys we can read. Every line of code is filtered through one question: does it leave you more in control of your data, or less?

Zero · Delete

Delete, properly.

Most “delete” just removes a pointer and leaves your bytes on the disk for any recovery tool to find. Zero doesn’t hide your data — it ends it. It encrypts the file, destroys the only key, then overwrites, releases, and verifies what’s left.

LMN8 Zero · This Device (Windows)

Select files to erase irrecoverably2 selected · 3.6 unit

✓

tax_returns_2023.pdf

Documents/

2y old

2.4 MB

old_passport_scan.jpg

Documents/

1y old

8.1 MB

✓

draft_manuscript.docx

Documents/Drafts/

3m old

1.2 MB

source_videos/

Media/

6m old

4.8 GB

project_archive.zip

Downloads/

4m old

890 MB

cache_2024/

Downloads/

1y old

12.3 GB

Crypto-erase + 3-pass overwrite

Eight steps. One of them is the point of no return.

The moment the encryption key is destroyed, your data is mathematically irrecoverable — by cryptography, not by a promise that the overwrite finished. Everything after that is defense in depth.

01
Hide
The file vanishes from view instantly.
02
Encrypt
Every byte sealed with a random AES-256-GCM key.
03Point of no return
Destroy key
The only key is shredded in locked memory.
04
Obfuscate
Name and extension replaced with random hex.
05
Overwrite
1, 3, or 7 passes of random and zeros, plus slack space.
06
TRIM
On SSDs, blocks are physically released to the drive.
07
Delete
Removed from the filesystem, with retry and backoff.
08
Verify
Confirmed gone. Erasure record saved if you opted in.

Beyond the standards

Meets the bar regulators set, then steps over it.

Multi-pass overwrite standards assume the bytes are still there to scrub. By encrypting first and shredding the key, Zero makes the data unrecoverable before a single overwrite pass even begins. On modern SSDs — where wear-levelling means a blind multi-pass never touches the original cells — we follow NIST 800-88 guidance and pair crypto-erase with TRIM instead.

+ Cryptographic erasure first.
AES-256-GCM with a random key that lives only in locked memory, then is shredded.
+ SSD-smart, per file.
Detects SSD vs HDD on each file — crypto-erase + TRIM for flash, multi-pass overwrite for spinning disks.
+ Verified, not assumed.
Every job ends with a check that the file is actually gone, with an optional erasure record you can keep.

ERASURE RECORD · lmn8-a3f9 opt-in

file: tax_returns_2023.pdf

size: 2,465,280 bytes

method: AES-256-GCM crypto-erase

overwrite: 3-pass · random/zeros/random

trim: issued

verified: unrecoverable

started: 2026-06-09T02:14:05Z

completed: 2026-06-09T02:14:07Z

sha-256 (pre-erasure):

a3f9e1d8c7b64a2f091b8e5d3c2a1f9e8d7c6b5a4f3e2d1c0b9a8f7e6d5c4b3a

● VERIFIED · saved to this device

What Zero does

Six quiet ways to let go.

/01

Wipe by hand.

Pick files or whole folders and end them on the spot — crypto-erase, then a 1, 3, or 7-pass overwrite of what remains.

/02

Set it once.

Schedule recurring cleanups daily, on weekdays, or every N days. Filter by file type, age, or name pattern.

/03

External drives, too.

HDDs, SSDs, and USB sticks. SSDs get crypto-erase + TRIM; spinning disks get the full multi-pass overwrite.

/04

Reach a device from anywhere.

Trigger a wipe on any linked device the moment it touches the internet. Lose a laptop, end its data from your phone.

/05

The LMN8 button.

One action reaches every linked device at once — for the moments you mean it most.

/06

Keep the receipt.

Opt in to an erasure record for every job: file, size, method, passes, verification, and timestamps.

Encrypt · Protect

Unreadable to everyone, except you.

Encrypt turns a folder into a secure vault, right where it already lives. No cloud upload, no copy made. Seven cipher suites to choose from, a key derived on your device that we never see, and even the file names sealed away.

LMN8 Encrypt · My Vaults

VAULTS

🔒

tax_2025

12 files · 38 MB · AES-256-GCM

🔒

client_contracts

47 files · 120 MB · Triple-Hybrid

🔓

journal

3 files · 2 MB · AES-256-GCM

CIPHER SUITE

Seven AEAD suites. Pick one, or stack for defense in depth.

SMART ACCESS · 3 PASSWORDS

ReadOpens the real vault

DecoyOpens a harmless decoy

DestroyWipes it with Zero

ACTIVE CONFIG

stack: AES-256-GCM

kdf: Argon2id (64MB · t3 · p4)

keys: device-only · never synced

Smart encryption

One vault. Three passwords.

Set up to three passwords for the same vault. Which one you type decides what happens — so a forced unlock never has to reveal what actually matters.

Read

Your real password. Opens the vault and shows your files, exactly as you left them.

Decoy

Opens a believable decoy folder you set up in advance. Plausible deniability when someone's watching.

Destroy

Looks like a normal unlock, but silently runs a Zero wipe of the vault. The wrong hands become a kill switch.

What Encrypt does

Your files. Your keys.

/01

In-place vaults.

Encrypt folders where they already live. Nothing is uploaded and no plaintext copy is left behind.

/02

Seven cipher suites.

AES-256-GCM, ChaCha20-Poly1305, XChaCha20, AES-GCM-SIV, a combined AEAD mode, and a compressed AES variant.

/03

Triple-layer hybrid.

Stack AES, ChaCha20, and XChaCha20 in one pass when you want belt, braces, and a spare.

/04

Keys we never see.

Derived on your device with Argon2id (64 MB, memory-hard). Nothing to escrow, sync, or hand over.

/05

Names stay private.

File names, extensions, and structure are scrambled and mapped under encryption. An adversary sees opaque blobs.

/06

Post-quantum, rolling out.

Quantum-resistant options are being added to the suite, so today's vaults stay sealed against tomorrow's computers.

SOS · Signal · Coming soon

Live location, only to people you trust.

Share where you are with exactly who you choose, for exactly as long as you want. End-to-end encrypted and self-expiring — just you and the people you tell, with nothing kept in between.

LMN8 SOS · Live sharing

YOU · 2m accuracy

Mom

Alex

● E2E · PEER-TO-PEER · NO SERVER

ACTIVE SHARES

Mom

2h remaining

Alex

Until I reach home

Work team

Paused

Silent · All trusted contacts · Full precision

What SOS will do

Peer to peer. Never to them.

/01

End-to-end encrypted.

Your location is sealed on your device and opened only on a trusted contact's. Nobody sits in the middle.

/02

Self-expiring shares.

Set a timer, a destination, or a duration. When the condition is met, the share ends — no exceptions.

/03

Nothing kept.

We don't store where you've been. There's no history to breach, subpoena, or leak.

/04

Silent emergency.

One gesture quietly broadcasts your live location to every trusted contact, without alerting anyone nearby.

/05

Trusted circles.

Build groups — family, close friends, a field team — and share with everyone in one move.

/06

Emergency contacts.

Name the people who should always be able to find you when it counts, and no one else.

One app, not three

The features don’t just sit side by side. They back each other up.

Encrypt's destroy key runs Zero.

The duress password doesn't just lock you out — it ends the vault with the same crypto-erase pipeline.

One account, every device.

Wipe, encrypt, and manage from laptop to phone, with a registry encrypted by keys derived locally.

Keys never leave your device.

Whatever the feature, the same rule holds: we hold nothing we could be forced to hand over.

Crypto-erase firstNIST 800-88 alignedGDPR / CCPA / HIPAA alignedDevice-only keysArgon2id KDFVerified erasure

Letting go feels better when it’s permanent.

One app, on the device you trust most. Zero and Encrypt are available now; SOS is on the way.

Create account View pricing