[SvanteSpectator]

Thank you Rodney, just so!

[SvanteSpectator]

Thank you Harold,

I agree with your assessment. Robert, if you still have a problem, contact our support.

[SvanteSpectator]

Thanks Freddy!

I’ve added that comment to the Bitbucket issue.

[SvanteSpectator]

Hello Anonymous,

We’re hoping to get a Mac beta out this week, or early next week.

[SvanteSpectator]

Hello Mark and Arthur!

We don’t activate Premium automatically in the app anymore (we used to, but for some reason this annoyed some users, so we changed that).

The missing “Try Premium” is a bug! Thanks for reporting that, we’ll updated shortly.

[SvanteSpectator]

Hello Wonderwonder,

Yes, that’s the way it’s designed, to keep the number of passwords down to a minimum of one.

[SvanteSpectator]

Hello Scott,

If you are using AxCrypt 2 to open AxCrypt 1-files encrypted with a different password than your sign in password, you’ll be presented with a dialog which allows you to specify a key file as well after klicking the “More…” button.

[SvanteSpectator]

Hi Todd & RobertM,

Encrypting the “actual folder” is a much different type of operation, and has different behavior in many ways than encrypting the files. AxCrypt is likely to remain a file encryption software for the forseeable future.

Encrypting & anonymizing in one step might be supported in the future, although we really do try to keep the number of options down…

[SvanteSpectator]

Hello Håkan,

If you do not remember the password to your account, you can always reset it. This is not a way to recover encrypted files! It’s only to allow you to sign in to the AxCrypt app and web. The new password will be used to encrypt new files. Go to https://account.axcrypt.net/Home/PasswordReset to do this, or you can also go there from AxCrypt with File | Options | Password Reset .

[SvanteSpectator]

Hello Dean,

Sorry to see AxCrypt take the blame here, because it’s not an AxCrypt problem. You have asked windows to associate a TurboTax file with Adobe Acrobat Reader. Not AxCrypt. AxCrypt can’t do that.

The screen shot clearly states that Adobe Acrobat Reader is trying, and failing, to open “2016 Hauser D Form 1040 Individual Tax Return.tax2016”. That’s not a PDF file. It does not end with “.pdf”. It ends with “.tax2016”.

See for example https://fileinfo.com/extension/tax2016 .

All kinds of files such as Word Files, PDF files, JPG files, TurboTax files, AxCrypt files etc contain information that only the respective (or compatible) application can interpret and present to you as the user. For example, TurboTax cannot open an AxCrypt-file. AxCrypt cannot open a Word file, or a TurboTax file.

AxCrypt opens AxCrypt-files.
Word opens Word-files.
Acrobat Reader opens PDF-files.
TurboTax opens TurboTax-files.

The way the operating system knows what to do with a file when you double-click it is by ‘associating’ the file extension with the correct application. So:

AxCrypt should be asssociated with “.axx”.
Word should be associated with “.docx”.
TurboTax should be associated with “.tax2016”.
Acrobat Reader should be associated with “.pdf”.

If Windows doesn’t know what to do with a file, let’s say ending with “.tax2016”, it’ll ask you as a last resort:

Now, that’s a pretty dumb suggestion by Windows, both suggesting Acrobat Reader, and suggesting you make this the default for the future. Nevertheless, that’s not an AxCrypt issue.

If you click ‘OK’ here, you’ll get the result you sent a screen shot of, because you have now asked Windows to try to use Acrobat Reader to open something that is in fact a TurboTax File, not a PDF file.

The solution is *not* to rename the file to end “.pdf”. You’ll get the same result.

In this case, you need to ensure that you actually have TurboTax installed – only TurboTax (or possibly other compatible software, which Acrobat Reader and AxCrypt are not) can open TurboTax-files. Once it’s installed, you also have to ensure that the file association above is correct, which it might not be since you now have established an override over the default.

If you find this confusing, please don’t blame AxCrypt! We did not design this system. Microsoft did.

[SvanteSpectator]

Hello Roger,

We should definitively warn (actually not accept) forbidden folders as watched folders. If it’s any consolation, they should be ignored since they are on the forbidden list. But they should not even be accepted. See https://bitbucket.org/axantum/axcrypt-net/issues/298/secured-folder-should-forbid-adding . Thanks!

As for SSL thumbprints, the thumbprint is not intended to be used for security, but for reference (i.e. to easily identify which certificate to use from a certificate store etc). You should only validate the certificate based on the trust.

An attacker can’t “inject fake tumbprints in real time”, it’s just a hash of the certificate, it’s not an integral part of the certificate.

Still, it doesn’t hurt, but the important part is really that it’s issued by the correct trusted authority. If you’d like to protect against various forms of man-in-the-middle scenarios, you should verify that it’s issued by the right authority – not any authority that your computer happens to trust, which may be more than you want – perhaps due to an attacker or your company having injected their own root certificate as trusted.

Anyway, see the updated https://forum.axcrypt.net/cryptographic-hashes-files/ .

[SvanteSpectator]

Hi All,

I understand the confusion. Yes, the right-click context menu was actually recursive before this new option. The reason for that is that the list of files to encrypt is actually expanded before sending it to AxCrypt for encryption, it’s done by the shell extension – not AxCrypt proper, and it was the old behavior of old AxCrypt so we tried to keep that.

The new feature is about what happens when you use the AxCrypt main window, and more specifically, when you use the “Secured Folder” feature – where a folder is watched for new unencrypted files and can encrypt them automatically, or semi-automatically at the click of a button.

It’s dangerous because not all understand the consequences of, let’s say, encrypting their entire Google Drive or Dropbox. We do try to forbid known dangerous locations, specifically the root folder, the program files directory and the windows directory.

We debated whether to remove the recursiveness of the shell extension for consistency, but decided against so as not to antagonize the current free users who might depend on that function. We try to play as nice as we can, while still trying to give incentives to upgrade to Premium so we can continue to develop the software. With a few exceptions (anonymous rename, shred and delete) we try to stick to “If it was available in AxCrypt 1.x, it’s free. If it’s a new function or feature, it may be free or it may be part of the Premium Plan”.

[SvanteSpectator]

Hi Dean,

Last things first 4) and 5) – why can you open files without entering a password?
AxCrypt 2 works just like your email software or most other password-protected systems. You sign in once, and remain signed in until signed out. Just like you can read many emails without entering the password every time, AxCrypt will do the same. The files are still encrypted, but your password is remembered until you sign out of AxCrypt.

I think there is some misunderstanding when you say “I signed out of AxCrypt, but I can still open them.” That’s not how it works. Can you show exactly how you do that?

1) Recent files is a common concept in many document oriented programs. It’s a list of, well, how to say it? Recently used files. It’s a convenience for quick access.

2) If you have trouble understanding the concept of Secured Folders, ignore that for now. Secured folders are monitored for new files, so you can encrypt them with a single click using the “clean” broom.

3) To “clean” up is just that – cleaning up temporary files. AxCrypt works by decrypting to a temporary location, and opening from there. Sometimes you need to tell it to clean manually. Also, it encrypts new files in Secured Folders.

 

[SvanteSpectator]

Hello Joseph,

I’m not sure, but I think you’re running in system configured to have FIPS compliance enabled . See https://support.microsoft.com/en-us/help/811833/-system-cryptography-use-fips-compliant-algorithms-for-encryption,-hashing,-and-signing-security-setting-effects-in-windows-xp-and-in-later-versions-of-windows .

I am not sure exactly what component it is referring to that is not FIPS compliant.

[SvanteSpectator]

Hello Dean,

It’s a little hard tell from your screen shot, but the reason only “Decrypt” is offered, is because the file in question is already Encrypted. I think you got confused about what file you selected to “Stop securing and remove from list”. Try again, and keep track of exactly what file you’re working with and I think you’ll find that it works as expected – as long as the file is not in a Secured folder!

If the file in fact is located in a folder designated as “Secured”, it will soon be re-encrypted again since those folders are monitored for unencrypted files and will encrypt them when you sign out, or click the “Broom” clean up icon.

AxCrypt uses a single sign on method of password use. There is only one password for all encryption and decryption operations, and AxCrypt will stay signed in, and use the same password until signed out. That’s why you’re not prompted for a password when encrypting new files. This is also to reduce the risk that users get confused about what password was used to encrypt what files, or worse mistype the password and not detect it until much later.

 

[Author]

Posts