[SvanteSpectator]

Hello Robert!

Thank you for the idea. The thing is that if you work from Windows Explorer, it’ll launch itself anyway automatically.

I do try to keep the number of ‘options’ down, and if we do it by default it’ll certainly annoy more users than will like it.

Let us think about that one for a while, you have a good workaround anyway right now it seems.

Once again, thanks for sharing your experiences with AxCrypt.

Regards,

Svante

[SvanteSpectator]

Hello John,

Thank you for the input. Things seem so clear when we design them, but there’s always room for improvement.

All ‘Premium’ links should perhaps go to the ‘Try Premium’ function. It’s hard, we dont’ want to have too many text boxes and decisions like ‘Do you really want to Try Premium now?’ etc. So we have just one link for the trial.

Do you see this?

[SvanteSpectator]

Hello jpn5imp1!

Before making that final decision, please read http://www.axcrypt.net/blog/leaving-computer-axcrypt/ and consider. It’s not a random decision, we put a lot of thought behind this.

Best regards,

Svante

[SvanteSpectator]

Hello John,

While I won’t argue that the standard is moving towards SSL-everywhere, please understad that SSL (HTTPS) serves two purposes, but not always at the same time and this is not always apparent to a user.

The first purpose, which is always fulfilled is confidentiality. However, not all things are confidential. We don’t believe that our public web site, http://www.axcrypt.net, has anything confidential.

The other purpose, is authentication of the URL and organization behind it. I.e. that if you type ‘www.axcrypt.net’ you’re really talking to our servers and we represent a real legal entity, and not someone elses. This purpose used to depend on a list of trusted providers of root certificates, such as VeriSign, issuing them after a manual verification process. These cost money. Real money. And we’re still a rather small organization.

Recently, free certificates have been massively available via the Let’s Encrypt inititative. The problem is that these certificates really only fulfill the first purpose – encryption of the link. And, as mentioned, there’s nothing secret going on there.

If you’ll note, the account web site, https://account.axcrypt.net/ – where you sign in, *is* encrypted with a ‘real’ SSL certificate, where our corporate identity has been validated by the issuer. We’ve also ensured that we’re only using up-to-date algorithmns and key lenghts on that server.

So, yes, we’ll arrange for SSL for http://www.axcrypt.net/ as well, but since the *real* benefits are minimial to negligable and there’s a real cost associated with it it’s not been our top priority.

Thanks for the feedback!

Svante

[SvanteSpectator]

Hello John!

This is correct, we’ve changed the way the Premium Trial is activated. It used to be activated automatically, but now you can chose when you want this to happen.

Over 99% of our users use the AxCrypt 2.1 windows app, and that’s where this process is implemented. We’ll be making a “Try Premium” button available on the web as well.

Right now, please download the AxCrypt app, and activate Premium Trial there.

Best regards,

Svante

[SvanteSpectator]

Hello Brett,

The error message in question indicates that the file is severly damaged, beyond repair. You should try to locate an older version or a backup of the file.

This can happen in circumstances like you describe, where the system is shutdown or crashes, or media is removed, during an encryption operation. This is not unique to AxCrypt, it can happen to any software when it is writing data to disk.

AxCrypt version 2 has some more safeguards against this kind of situation. It does not happen often, but it does happen every now and then. Most often due to USB drives being removed to quickly without using the “Safe Remove” feature of Windows.

Best regards,

Svante

[SvanteSpectator]

Hello Jason!

Thanks for taking time to let us know what you think.

However, we really, really do believe that it’s a step forward!

Give it a little time…

First of all – you say “The screenshot login shown on Svante’s post above is in addition to an individual encrypted file password“. This is not how it works – it’s only the first time until you’ve upgraded the old 1.x files which were encrypted with a different password than the one you made for your AxCrypt ID sign in. The upgrade is automatic for files you open, and you can also do batch conversion from the menu.

So, once the files are upgraded, and for all new files, it’s just the sign in password.

You also write “having to sign-in first time you use program in any session” and “doesn’t seem to ask for password on any subsequent encrypted document“. Well, you can’t have it both ways!

What we do, is just like AxCrypt 1. When you click on a file, we ask for the password – we just call it Sign In.

As for the fact that you don’t have to re-type the password all the time, that’s really something we’ve thought a lot about. Please do read the following http://www.axcrypt.net/blog/leaving-computer-axcrypt/ which discusses this feature and the rationale.

Also, please note, that this has always been an option for AxCrypt 1, to remember passwords, we just made it standard with AxCrypt 2 – partly because of confusion caused by the optional nature of the feature in AxCrypt 1.

Once again – thanks for letting us know. All input affects how we develop the software, and insipires us to work hard on clarifying matters such as these so that it’s clearer from the start how and why.

[SvanteSpectator]

Hello Natash!

Of course you can access both AES-128 and AES-256 encrypted files with the Free version! We’ll never lock you out of your data because you’re not subscribing to Premium.

What will happen is that if you edit or create new encrypted files, they will use AES-128 instead of AES-256. But you can always open either level of encryption.

[SvanteSpectator]

Backups are always the right thing, regardless of encryption or not.

It sounds very unlikely that the Windows restart had anything to do with it, as described by you.

In the private email I sent you I asked about the exact sequence of events, and also what interaction if any you’ve had with AxCrypt 1.7 or earlier with this particular file.

[SvanteSpectator]

Hello!

Can you send a screen shot showing Windows Explorer and all the normal columns for the file (modified, type, size) in “Details” view pleaase?

If you do not want to publish the name of the file or a screen shot here, either edit it or send an email to svante dott seleborg att axcrypt dott net .

Svante

[SvanteSpectator]

Hello Fran and Barkeley,

You have it right. The solution for USB sticks indeed to use the standalone version of AxCrypt instead of the ‘encrypt to exe’ feature of the old version.

You’re also right that we’re not quite there yet – the standalone version needs to work really standalone without ever requiring internet access or our servers. This is now a high priority improvement, so we’ll work and implement this relatively soon.

As for what password to use it’s a little complicated due to the sharing features, but the easy way to explain it is that what will always work is the password used the most recent time the file was encrypted. This will always work.

[SvanteSpectator]

Hello!

No, we actually do not list exactly which file is being processed, but we probably should. See https://bitbucket.org/axantum/axcrypt-net/issues/172/show-file-name-in-progress-bar to follow progress on this issue.

You should be able to tell if it’s done or not – the progressbar should then be cleared. Is it not? You can also cancel from the progress bar by right-clicking it.

[SvanteSpectator]

Hi Barkeley,

What you get with “AxCrypt.2.1.NNNN.0.exe” is the “self-contained, stand-alone, fully-featured executable” I mention. You put this on a USB stick + your encrypted files, and you have a the same thing as before, but much better since you now have full AxCrypt instead of just the ‘decrypt’ option with the self-decrypting version.

However, right now there’s a little caveat that will be fixed asap in that you do need to run it on a computer where you’ve registered once. We’ll fix that.

[SvanteSpectator]

Hello,

The security model is not affected by what we store on the server. We always assume that encrypted files are public anyway, and what we store on the server is just that – encrypted files.

The security model *is* affected by the fact that we transmit passwords, even if over a strongly encrypted connection, but we have judged this to be acceptable for the gains. It is not really controversial to transmit data over such a channel.

Currently the software does require you to register your e-mail, but once done, you do not need any Internet access. It’s still just a password that in the end protects your document, and you still just have to type the password since the email is prefilled. Same keystrokes, different look in other words.

[SvanteSpectator]

Hello,

Thanks for pointing this out.

You’re probably running the screen saver without enabling the option to show the log on screen when it deactivates. We really, really, recommend users to enable this option so that it requires a password when the screen saver is deactivated.

However, we’ll make sure AxCrypt signs out even in this case. You can follow the issue here: https://bitbucket.org/axantum/axcrypt-net/issues/171/sign-out-of-axcrypt-even-if-no-password-is .

[Author]

Posts