Forum Replies Created
-
AuthorPosts
-
Hello Will,
If you do not remember the password to your old account, you can always reset it. This is not a way to recover encrypted files! It’s only to allow you to sign in to the new AxCrypt. The new password will be used to encrypt new files. Go to https://account.axcrypt.net/Home/PasswordReset to do this, or you can also go there from AxCrypt with File | Options | Password Reset .
Unfortunately, if you do not know the password you cannot open an encrypted file. That is what AxCrypt is made for!
Please check the FAQ at http://www.axcrypt.net/support/faq/ for more information.
Hello Laurent,
Please read https://forum.axcrypt.net/blog/use-of-different-passwords/ .
Hello scott,
When you start AxCrypt, you are asked to sign in. The password used for sign in is the password used to encrypt and decrypt files as long as you are signed in.
It’s just like your email program. You sign in once, then you can read and write email without typing the password every time – until you sign out, or are automatically signed out.
AxCrypt works the same. You remain signed in until you sign out, or are signed out – which happens when you lock the computer, log out of Windows, the computer goes to sleep or is shut down.
March 9, 2017 at 08:01 in reply to: Forgot my new V2 AxCrypt sign in password after opening and converting a V1 file #5725Hello Justin,
I am very sorry to hear this. It appears you have understood correctly, what you describe is a very likely explanation of what has happened.
Unfortunately, we’ve had many similar incidents with V1, apparently it’s not altogether too uncommon to set a password encrypt a file and forget it.
For this reason, we’ve now made users enter the password no less than three times before we actually use it to encrypt anything. This has significantly decreased the number of such incidents, but it appears it happened to you anyway.
We also have the ‘show password’ option on by default to reduce the risk of typing something else that is expected.
Still, since it happened, again we need to clarify this even further.
We will be adding some form of first-time use information that you’ll have to ‘sign’ with your password where we’ll inform of the importance of not forgetting the password, as well as of how critical it is to use backups. We’ll also be adding a similar dialog when a V1 file is first converted, informing of what is happening.
Once again, I’m sorry.
On the another note, I’ve written a blog post about multiple passwords, here: https://forum.axcrypt.net/blog/use-of-different-passwords/ .
Hi Michel,
Jeremy points out the gist of the matter.
The “why” for most of the information should be obvious, but let’s expand on the encrypted private key. Just as Jeremy states, it’s serves as a backup should your device be lost or destroyed. More importantly, we use it keep it synchronized across devices so if you have two PC’s or a mobile phone, we’ll automatically download the private key to your device so you don’t need to keep track of it.
As to the security, Jeremy formulates it perfectly: “Having the key escrowed is no different to uploading an encrypted file to the cloud. If somebody can break into the encrypted private key then they could also break into the file without the private key. It makes no difference.”
You’re mistaken when you say “another people need only my public key to decrypt what I’ve encrypted with my private key“. And it’s not a matter of opinon ;-) Think about it. It doesn’t make sense. Your public key, is… public. Non-secret. If that was used to decrypt what you encrypted with your private key – where’s the security? It’s exactly the other way around.
It’s the public key that’s used when sharing with someone, but it’s the private key that is needed when someone shares a file key with you.
The public key of someone, perhaps yourself, gives anyone the capability to encrypt. But only the holder of the private key can decrypt that data. That’s why the private key is called private, because it’s private i.e. secret. It’s what enables you to decrypt something encrypted with your public, non-secret, key.
Hello Draftmission and Jeremy,
First – we’re unfortunately not likely to support direct payment via Swedish banks, or even Swish, in the near future. The reason for this is that each payment integration carries with it quite a bit of work. It’s not trivial, regardless of what the various providers claim. There is quite a lot of work involved with ensuring and recording a payment, calculating and handling of VAT, financial reporting, receipt creation etc. Just getting the agreement approval forms filled out for Swedish banks is a lot of administration. Sweden is a very, very small market for us so…
Second – Bitcoin we’d like to implement, and we will as soon as our payment provider Stripe supports this for european companies. Direct cash payments are unlikely to be supported, for the simple reason the manual handling of such payments costs more than the yearly cost…
Hello Vishal,
I am very sorry to hear that you apparently are the victim of a hacker ransom attack against your files.
However, please understand that AxCrypt is just a tool that is used by millions of legitimate users for good purposes. I am very sad that a hacker has chosen AxCrypt as the tool to perform the ransom attacks that appear to plague mostly Turkey and sometimes other countries.
Unfortunately in this case, AxCrypt is based on strong encryption, and it is generally not possible to crack the encryption.
What you must do is contact your local police, and have them follow the money and Internet trail to the hacker. Since others appear to be in the same situation, you may want to contact media in order to make this problem more widely known, and also gain the possibility of a group action of all the victims against the hacker.
We cannot help, We are in no way involved, and there is no way to open the files without the passphrase used.
Please read http://blog.axantum.com/2012/07/axcrypt-used-for-ransom-attacks.html for a longer discussion of what we know about this affair.
Hello Michel A,
It’s a little unclear what your question is. If you are asking literally how to open an encrypted file without knowing the password, the answer is you can’t. That’s what AxCrypt is made for.
Hello Michel,
It’s an important question to have a good answer for, so we’ve updated https://forum.axcrypt.net/documentation/technical/ with this information.
Hello Hank,
Thanks for your input!
Hello albatros,
Thank you. In general, there is some work to do around progress and notifications. It’s always quite hard to do this clearly. Also, it appears many are annoyed by notifications, so perhaps it should not be in the tray, but in the app. Anyway, thanks!
Hi Dave,
Glad it worked out for you!
For others reading this – it’s a really good idea to write down the password used on paper and store it in a secure place. That the password search succeeded here was due to the fact Dave could limit the number of possibilities to a few thousand. If it gets just a bit more complex, it’ll just take too long (years, centuries, eons, lifetime of universe, longer…).
Hello,
To download the 1.7 version of AxCrypt from http://www.axantum.com you have to do so from the site directly, *not* from a direct link. (Technically, the referrer of the request must be http://www.axantum.com, in practice this means you should browse the web site and click the link on the web site in your browser).
Thanks Dave!
Hello Albatros,
Yes, you’re right. It *is* a bit confusing… But that is how it works right now. We’ll be changing this. Thanks!
-
AuthorPosts