June 21, 2020 at 07:35 #16160
I tested AxCrypt by encrypting a batch of photos that were not important. Encryption worked well and fast. But I forgot the password. So I deleted all the encrypted files. Next I went to the recycle bin and marked the deleted files to be restored. All the photos were restored and unencrypted. Is this the way AxCrypt is supposed to work? Doesn’t seem secure if encryption can be broken by simply deleting and restoring?June 22, 2020 at 02:22 #16163
Actually, AxCrpt, encrypted several folders containing photos. Although it displayed photos as encrypted, it might have only encrypted the folders. And when the folders were deleted and recovered, all of the photos were viewable without password.June 22, 2020 at 09:56 #16167
Hello Dafney Dewitt,
AxCrypt encrypted files are still encrypted state if we delete the encrypted file from the system.
If restore the encrypted file, No way the encrypted file to change unencrypted state in the system. Still, your files are encrypted state only.
I think, if you try to open the restore encrypted file using AxCrypt app.now AxCrypt app open the encrypted files.
Please note: AxCrypt 2 now use a single sign-on model where the same password is used to sign in to our servers and to protect your files.
AxCrypt app are required to open/decrypt the AxCrypt encrypted files. without AxCrypt app we cannot decrypt the encrypted files.
Still, if you are facing any issues, please write to Support@axcrypt.net. we are happy to help you.April 13, 2021 at 18:55 #20355
I do not understand Prabhukumar R’s reply. I encrypted a PDF file in a folder on OneDrive, then opened the OneDrive recycle bin using a Web browser. I found the unencrypted file (.pdf) there, and restored it to the folder where it was before. I now have the encrypted file (.axx) and the unencrypted file (.pdf) in the same folder – two files, one readable. It seems to me that this is an easy way to get access without needing to decrypt the file. I would expect a secure encryption app to delete the unencrypted file, not store it in the OneDrive recycle bin or anywhere else.April 14, 2021 at 13:49 #20364
Hello John Sampson,
AxCrypt works by decrypting files temporarily and then launching the appropriate application for the decrypted file, which thus is entirely unaware of AxCrypt. AxCrypt monitors the system for the launched app to exit, and when it detects this it will re-encrypt the file and wipe (overwrite) the decrypted file and then delete it.
Note: The temporary files will be removed as soon as the opened encrypted file closed/signed out from the AxCrypt app.
If you have any queries, please feel free to contact our support via email@example.com.April 14, 2021 at 14:05 #20365
I don’t understand this reply either. I was encrypting a file. Axcrypt could not decrypt it because it was not encrypted anyway.April 15, 2021 at 14:36 #20373
Hello John Sampson,
Please explain the more detailed(step by step) information about the issue also some screenshots. we are trying to find the issue and fix the issue as soon as possible. Also you can write an email to our support team firstname.lastname@example.org.April 15, 2021 at 15:47 #20375
The issue is quite simple. To encrypt a file, Axcrypt produces an encrypted version of the file the user chooses. It then deletes the original file but allows the operating system to store a copy of it in the recycle bin. This is the usual way an operating system deletes a file, but it is not secure. Why does Axcrypt not erase the original file securely? Is there a way to ensure that the original file is erased properly?April 15, 2021 at 17:31 #20376
Obviously AxCrypt does not use the Recycle Bin to delete any sort of files. Be it original files, temporary (previewed) files, or any other files it handles.
Just as a simple test I just encrypted a file on my computer, and of course there’s nothing showing up in my Recycle Bin (as expected).
I would expect the original user to have confused some other files they deleted, with files AxCrypt uses. And then thinking it recreating encrypted files. If you can recreate that ehaviour somehow, we’re of course very interested in how, because it would obviously be a major bug.April 15, 2021 at 17:52 #20378
So I also have just now encrypted a file on my computer, then opened the OneDrive recycle bin via Brave browser. The filename of the plaintext file appears there. I would attach a screenshot but I do not see how to do that here.
It may be that I have a setting wrong, but if not there must be a bug in this version. I cannot find how to show the version.
John SampsonApril 16, 2021 at 19:32 #20393
Maybe this is something that happens in OneDrive? That’s of course not ok either if that’s the case. We’ll have a look at it and see if we can recreate this.
Are you using Windows 10? (I assume it’s windows since you use OneDrive)April 16, 2021 at 21:17 #20397
This is OneDrive. I also tried using an eraser-type app which is supposed to delete a file permanently by overwriting it. I again found that a copy of the file was in the recycle bin. So I was maligning Axcrypt as the culprit, and I apologise. It looks as if files cannot be securely deleted from OneDrive. The best solution is not to use OneDrive for confidential files. I don’t know how many people are aware of this issue.
JohnApril 19, 2021 at 14:19 #20425
Yes, we’re also seeing this behaviour from OneDrive, thank you for bringing it up. We’re investigating how the AxCrypt application should handle this.
For now, be aware that OneDrive does this and make sure their recycle bin is emptied after encrypting files. Or like you say, maybe avoid using OneDrive for files that you need to be absolutely sure they’re deleted securely for now.