Forum Replies Created
-
AuthorPosts
-
Hi Alexa,
No, we cannot reset a password for you to regain access to encrypted files. You can reset your password in order to be able to sign in to the app and the web, but already encrypted files remain encrypted with the original password.
That is the main difference between encryption and access control systems, i.e. software that controls your access to data. Encryption permanently scrambles the data based on your password. There is no way to unscramble the data without the original encryption key (which is accessed via the original password).
Hello V!ncent,
Thanks for the feedback. For your information, we’ll keep the version 1.7 available indefinitely and we’ll also be adding an option to always require the password to open a file for version 2. We don’t think it’s a good idea really, but so many users of the existing software has gotten used to that workflow and feel uncomfortable without it.
Hello Kirk,
There’s actually no current version of AxCrypt for Mac. There is a very old more or less experimental version, but it has not been supported for several years.
Can you please include a screen shot of AxCrypt in your Mac so we can understand where you’re at so to speak?
Great to hear Eddie! You are so right: DO NOT FORGET PASSWORD! That’s what encryption is all about – no password, no files. No password reset possible.
Good luck!
Hello Simona!
Please send a screen shot of what is happening instead of the file opening. If you don’t want to send it here, publically, please send a support request to support@axcrypt.net .
Hello Ziwdon,
Thanks for the feedback! (First a little note – it’s –offline, not -offline – two dashes!)
We have to work more on how to make existing users feel comfortable with the new app. New users essentially seldom have any problem with the “sign in”-model. It’s old users that we have to help understand how the new works and perhaps in some ways how it does work.
You’re right that the standalone version can be a little confusing – because it’s really just the full version without the Windows integration and installer. It will in the future “be aware” that it’s working in standalone mode, and thus work a little differently. We’ll probably still ask for something looking like an email so you have a “local user”, but it might ask if you want to be offline or online or something. We have not yet decided.
As for passwords, it should actually be less confusing with only one password for all things AxCrypt we thought…
We’re working on all of these things to make things clearer, so your input is vital!
Hello Mark,
Yes, AxCrypt 2 works a little differently than AxCrypt 1 – but it’s essentially the same thing. Yes, we’ve moved to a “single password” model. We feel this is a much better and safer system. Please read http://www.axcrypt.net/blog/use-of-different-passwords/ for a longer discussion and explanation of this.
Keyfiles have also been discontinued due to very low usage, and high risk of loss.
The “never any requirement to register” is indeed from the old website concerning the old software, however it’s still true. You can run AxCrypt 2 entirely in offline mode by either denying it access to the Internet, or starting it with the –offline switch. In this case no registration is required (although we still ask you for something that looks like an email address).
We’ve made some large changes in order to increase the ease-of-use, and reduce the risk of data loss as well as encouraging the use of a single, but stronger, password.
Sometimes it’s time to rethink old ways of doing things, and this is one of the we think!
Hello Herman!
This behavior is by careful design to make it easier to use AxCrypt. You will be signed out of AxCrypt (and thus require a password again) if your screen saver goes active, you log out of Windows etc.
Hello Eddie & Eldernerd,
We cannot reset a password to regain access to a file where the original password is forgotten. That is what AxCrypt is about – strong encryption without backdoors. If you don’t have the password, neither you, nor we nor anyone else can decrypt the file.
Reinstalling an old version of AxCrypt will not help either. I’m not sure Eldernerd, just what your situation is – but you did not have the same problem as Eddie who has a forgotten password. Without more information it’s hard to say exactly what the issue was, but we’ll be happy to help you out if you’ll give some more information, preferably screenshots.
Hello Garry,
There are no intentional backdoors and the source code is open source to back that claim. The previous version of AxCrypt has never had a security issue since released over 15 years ago.
The only recourse for breaking the encryption is brute force, and AxCrypt has some specific features implemented to make that as hard as possible. With a good and strong password, brute forcing AxCrypt is infeasible, even for an organization with immense financial and technical resources.
Hello Mark!
Please see our FAQ at http://www.axcrypt.net/ – it is most likely that you have a problem with something called Lavasoft Web Companion, which is incompatible with Windows (not AxCrypt, it’s entirely a Lavasoft/Windows problem, but it impacts AxCrypt).
We have been in contact with Lavasoft, and they say they are unable to fix it(!) and recommend uninstallation of Web Companion.
Hi again skipro (like the tag by the way, I read it as ski-pro ;-),
All your points are essentially valid, and I certainly agree that it’s kind of the point of encryption – if you don’t know the password you can’t decrypt. But… This is where reality makes itself known, and some users are just not careful enough, and while it’s not our formal responsibility to protect these users from themselves, the fact is a lot of our users are attracted by the simple operation – and thus also have pretty vague ideas about what’s really going on.
Still, glad you feel better for getting the rant off your chest, and as I said – in princple I agree.
We’ll get to this function soon enough I hope, you’re not the only one asking!
Hi skipro!
I mostly agree, it’s just that I’ve been on the end of trying to explain to user that he just irrevocably destroyed both all of his files and his computer OS installation (encrypted too much + lost password). In that situation, it’s tough to have to say “well it’s at your own risk, and you made the mistake”.
So, while we can’t make it foolproof, we need to make it almost… So, all of your ideas are under consideration, and we will implement it.
The current plan is to move all options to a single page of advanced options, with some extra precautions against changing them – i.e. a warning dialog and explicit user consent by typing your password or something like that. We don’t really like options at all, but some are unavoidable and this is probably one of them.
So, we won’t need to reconsider, we just have to get to it. Right now mobile apps are taking a lot of our available development time. We’ll get there.
Hello Patrick,
Good points, all. We actually already have an issue logged for password based key sharing ( https://bitbucket.org/axantum/axcrypt-net/issues/131/add-sharing-password ) , and you’re probably right that manually imported public keys should be possible to use in the Free version, so I’ve added that to the issue list of things to do: https://bitbucket.org/axantum/axcrypt-net/issues/233/manually-imported-public-keys-should-be .
We’re also considering making all key sharing free in the future – that would also solve this issue ;-)
Thanks!
Hi Patrick,
Actually that feature is there so advanced users and users without Internet access can import and export keys, and also feel safe about it. You still need Premium to share a file key at this time, even if manually imported. We should definitely consider making it possible to do so in the Free version. Thanks for pointing this out.
The use of the function is to do what the server otherwise does, when you share the key to a file (we don’t share actual files) by typing in someones email, what happens is we get the public key from our server and then use it to share the file key.
-
AuthorPosts
