decoy logodecoy
decoy vs Apple Passwords

apple passwords — plus a fresh email per signup, an inbox that reads itself, and ai assistants you can actually trust.

apple passwords is free and clean, and apple intelligence does a nice job summarizing mail. but hide my email only gives you random @icloud addresses, and nothing extracts promo codes, CTAs, or inbox breach hints across every account you protect — let alone lets an ai assistant act on them.

see side by side →
decoy
free for founding members
Apple Passwords
free (with iOS 18+)
the password manager basics

everything Apple Passwords does

  • passwords, TOTP codes, and passkeys autofilled across iOS and safari.
  • end-to-end encrypted means even we can't read your data — it can only ever be read on your device.
  • move passwords, passkeys, and TOTP seeds from apple passwords in one tap via CXP on iOS 26.
  • safari extension fills fields and creates decoys inline at signup.
what decoy adds

and what Apple Passwords skips

  • disposable emails on demand — like hide my email, but you send and reply from inside decoy, to as many recipients as you need. hide my email forces every alias email through apple mail, one recipient at a time. forwards to any inbox (not just @icloud). optional personal alias (yourname.decoys.me) lets you invent any prefix on the fly — gym@, netflix@, shopping@.
  • iOS already autofills sms 2fa codes and apple intelligence summarizes mail. decoy extracts more across every inbox you protect — promo codes you tap to copy, email 2fa codes, action buttons, breach hints from alias activity. all on-device, across every account, and any ai agent can act on it.
  • when an ai agent needs account information, Decoy lets the user choose what it can access and for how long. every Decoy data access is recorded.

side by side

where decoy wins, and where it doesn't.

disposable emails
a different email for every signup — so when a site gets breached or starts spamming, you burn the decoy, not your real inbox. send and reply from any of them.
decoy
unlimited, send + receive
Apple Passwords
hide my email (receive-only free; send via apple mail, 1 recipient)
password manager + 2fa
passwords, 2fa codes, and passkeys in one place, autofilled on iOS — so you stop juggling an authenticator app to sign in.
decoy
passwords, TOTP, passkeys
Apple Passwords
yes (with TOTP)
end-to-end encryption
end-to-end encrypted means even we can't read your data — it can only ever be read on your device. if we ever got breached, there's nothing readable to steal.
decoy
yes
Apple Passwords
yes
migration & import
move your whole vault over in one tap via apple's credential exchange (CXP) — and one tap moves it back out if you change your mind. no csv files, no lock-in.
decoy
CXP import from apple passwords
Apple Passwords
CXP import + export (iOS 26)
on-device ai
your inbox never leaves your phone — we use on-device ai so we can pull out promo codes, catch 2fa automatically, summarize what's new, and flag breach hints, all without shipping your mail to a server.
decoy
iOS 26 foundation models
Apple Passwords
summaries + priority only, no extraction
ai agents
when an ai agent needs a login, inbox or personal detail, Decoy lets the user choose the exact accounts and information it can access and for how long. every Decoy data access is recorded.
decoy
MCP + user-controlled access
Apple Passwords
not supported

be a nobody. get unlimited perks.

free for founding members. lock it in now.

switch to decoy if…

  • you want disposable emails that forward to any inbox (not just @icloud), with the option to claim a personal alias (yourname.decoys.me) for prefixes you invent on the fly.
  • you want more than inbox summaries — promo codes you tap, email 2fa codes, CTAs with their destinations, breach hints — all extracted on-device across every account you protect.
  • you want ai agents to act on your behalf without handing them your real email, real password, or apple id — decoy gives them a disposable identity instead.
  • some of your logins live outside the apple ecosystem (a work laptop, a partner's android) — decoys forward to any inbox (gmail, outlook, proton), not just @icloud.
or pick Apple Passwords if…
  • you want iCloud keychain's native credential sync across iPhone, iPad, Mac, and Apple TV without opening a separate app.
  • you want a password manager apple audits and maintains — no third-party app to trust.
  • you want hide my email's random @icloud addresses to live inside the apple ecosystem — forwarded to your @icloud inbox, managed in apple passwords, no separate app to install.

free for founding members

join the waitlist to lock in founding-member status. paid tiers come later — you stay free.

questions

apple passwords is free. why use anything else?
decoy is free for founding members too. keep apple passwords for apple logins; use decoy when you want a fresh email per signup, inbox intelligence (promos, 2fa, summaries), and ai assistants that can act on your vault.
can i import from apple passwords — and export my data if i change my mind?
yes. apple's credential exchange (CXP, new in iOS 26) moves passwords, passkeys, and TOTP seeds from apple passwords into decoy in one tap. export from decoy is always available — you own your data and we're built so you can leave.
how is decoy different from hide my email?
hide my email is bundled with iCloud+ (from $0.99/mo for the base tier) — free if you already pay for iCloud storage. it gives you random @icloud addresses that forward to your primary @icloud inbox, only on apple devices. decoy's default works the same way — a disposable email generated on demand for each signup — but forwards to any inbox you use (gmail, outlook, proton, or @icloud). if you want the option to invent prefixes on the fly (gym@, netflix@, shopping@), you can claim a personal alias (yourname.decoys.me) as a bonus. plus send + reply from any decoy, a password manager + TOTP + inbox ai. free for founding members.
does decoy lock me into apple like hide my email does?
no. decoys forward to whatever inbox you already use — gmail, outlook, proton, fastmail. any ai agent can manage them from any device via MCP.
can i actually send emails from a decoy address?
yes — from inside the decoy app, to as many recipients as you need, with full email threading. hide my email lets you send too, but only through apple mail on an apple device, and only to one recipient per email. decoy keeps the send flow inside the app you already use for the rest of the alias.
does decoy replace apple intelligence?
no. apple intelligence summarizes mail and categorizes your inbox. iOS autofills sms 2fa codes. Decoy adds extraction across every inbox you protect and lets users control which accounts and information an ai agent can access and for how long.
if i claim a personal alias, can data brokers correlate my decoys back to me?
only if you use the personal alias. decoy's default disposable emails are random, uncorrelated strings on the shared @decoys.me domain — same privacy posture as hide my email. the personal alias (yourname.decoys.me) is an optional add-on for when memorability matters more than correlation resistance. use the default for sensitive signups, claim a personal alias for the ones where you want to invent prefixes.
does decoy only work on iPhone?
today, yes — the decoy app is iOS (iPhone + iPad) with a safari extension on iOS and macOS. desktop and other platforms are in active development. your decoys already forward to whatever inbox you use on any platform (gmail, outlook, proton), and any ai agent can manage them from any device via MCP.