This topic contains 10 replies, has 2 voices, and was last updated by Bob 6 years, 4 months ago.
-
AuthorPosts
-
BobI just moved from V.1.x to V.2. On V.1, I could assign a unique password to each file(s), but then I could assign a different password to another file(s). Now with V.2 once I insert my primary password, it automatically opens all of my encrypted files even those I want to keep private in case I fail to sign out before leaving my desk. How can I protect different file sets?
Hello Bob,
These are rather common questions. Please check out the following blog entries:
BobI understand your logic – BUT, my work requires me to share my computer. There are files (currently encrypted through AxCrypt 1.x) which require company security but are needed by several persons. There are files (also encrypted V1.x) that are personnel confidential; these files are kept in a separate (V1.x) “crypt” with a different password. Now with V2.x, all using the computer have access not only to their required confidential data (pricing, delivery, etc.), but also to HR Personnel files – BAD!
Can I at least have 2 AxCrypt logon / password folders which I assure you I am capable of remembering and keeping separate to handle my concern? How to do it??
Hello Bob,
Even if you share the computer – you should *not* share Windows Accounts! This is just a bad idea in so many ways, especially if you have information that is confidential enough to warrant strong encryption like AxCrypt.
So respective users should log on their own Windows Account. They should do so regardless of AxCrypt 1.x/2.x or any other concern!
BobWith respect, I cannot change my operating protocol because your conceptions do not align with ours. Since V2.x cannot provide the capabilities of V1.x can you advise how to either return to V1.x or if 2 unique logins on V2.x will allow resolution of my problem.
Hello Bob,
I am sorry it’s not working the way you are used to, but in this case it’s not really about “my conceptions” – it’s about standard, normal security practices. Do not share accounts, on Windows or anywhere else security matters. It’s just that simple! Has nothing to do with differences between version 1 and 2 really.
Anyway, return to version 1 is done by decrypting any files encrypted or re-encrypted by version 2, uninstalling version 1, installing version 1, and then encrypting the files again with version 1.
Not quite sure what “2 unique logins on V2.x” means in this context. Two separate Windows logons, definitely. Two different accounts with AxCrypt, yes – but it’s inconvenient because we don’t support switching between accounts so you’ll have to clear settings between different usages.
Bob“In a perfect world” you win hands down.
What I meant is can I leave “our” computer shall we say “logged in” to Axcrypt V2 that would access all files in “call it” Crypt V2 giving all staff access to prices and deliveries (secure data) as long as the computer is active for work activity. Then, log in to Axcrypt 2 with a different login name and password which would decrypt all files in “Crypt 2” but not “Crypt 1”?
Assuming you will say such an approach violates all logical uses of encryption, can you please provide me a location for Axcrypt 1? I was unable to locate a legacy Axcrypt 1 download anywhere. We have had the old (Axcrypt 1) system using 2 different passwords in place for so long it just won’t fly with HR & Sales. I have been having to keep personnel files on a flash drive.
Hello Bob
Still not with you I’m afraid… I’m really trying, but I don’t follow your thinking. Sorry! Can you try to elaborate?
You’ll find the download for the old v1 at the old http://www.axantum.com site. You need to browse the site to the download page (start by clicking the logo in the top left corner), or you’ll be redirected to the new download page. Sorry for the inconvenience, but there are so many links out there that we really would like to point to the new site.
BobOK, think of it this way. With Ver.1 we had 2 folders: HR, Sales. Both contain what we consider to be clasiffied data. HR contains personal information on me, the sales staff, and the HR staff; our salary, address, etc. The sales are folders for repeat customers, misc. inquiries, and our pricing and delivery promises. All of this is considered propriety. We don’t want everybody to have access to personal information so that folder’s password is kept by me and the secretary.
Now, with Ver.2 access to all encrypted files is granted to everyone. If I had say one ID (email name) with its password that provided access to all the files in the old “Sales” folder, then everybody using our system can access it directly – this is a big gain with Ver.2 (don’t have to enter the password every time you switch files). But, the “HR” folder (I now keep it on a flash drive) based on Axcrypt’s Ver.2 protocol becomes accessible to all because all encrypted files are always open unless Axcrypt is logged out.
My question is if I had 2 IDs with 2 different passwords accessible (one for each file folder) then by leaving “Sales” open with its ID & PW for sales everyone using the computer can process orders. When HR wants to enter that folder one of us would have to log out of the Sales files and log into the HR files. Thus I have 2 logins and 2 passwords to switch between. All files are encrypted and secure when both are logged out.
Yes, multiple devices are much less cumbersome and more secure, but we are happy with what we had and keeping HR data on a thumb drive is a real pain. Everybody working on the same machine keeps everybody and all working files updated. We’re not that big and we interact well together. We are what is referred to as a TEAM and keep eachother up to date. Anyone answering a call can immediately research the latest information even if we didn’t enter the order.
Super on legacy (Ver.1). If you do not approve of my option, then I will follow your directions and uninstall Ver.2. Thanks much, BOB
Hello Bob,
You write: “Thus I have 2 logins and 2 passwords to switch between. All files are encrypted and secure when both are logged out.“.
Yes, that works fine, and is the way it’s supposed to be used – but, what I’m trying to say is that with one single Windows Account on the computer, it is very inconvenient to switch AxCrypt user.
You mention “multiple devices are much less cumbersome and more secure“. That is not what I am suggesting you need.
I am saying that the same physical Windows PC should have (at least) two different Windows accounts on them. A Windows computer is designed to be used by multiple persons. This works by creating different accounts on the computer, preferably on per physical person using the computer.
You’d place the the shared, but encrypted, files on a shared folder in the computer – that’s a folder that everyone on the same computer can access from their respective accounts.
Using different accounts has the added advantage of separating personal files, browsing history, bookmarks in the browser, saved passwords and other sign in sessions etc etc.
One computer – many persons with different accounts.
BobThank you. I appreciate your input and yes for the sake of ultimate security, each person should have his own computer with his own set of personal identities and passwords and probably all shared information should by secure at an off-site server location with at least 2-step login protocol (security trumps productivity). Everything should be backed up off-site on some type of raid processor and air gapped. But, what we had worked.
I have reverted to AxCrypt Ver.1x. We still have our 2 folders, 1 computer, 2 passwords, and “all is right with the world”. Regrettably, we all have our opinions of security. Seemingly all attacks go forward on large institutional services that can afford to do things “the right way”. Hopefully we will be able to remain clean and skate under the radar. Thanks again and possibly don’t forget us losers struggling to keep up with using legacy programs.
-
AuthorPosts