
Cryptomator change password
Cryptomator 1.2.0 for Windows, Mac, and Linux is out now. New features: On Windows and Mac you can now optionally save your password. This is a preparation for auto-unlock (GitHub Issue 40), one of the most wanted features we’re planning for the next minor release.

Cryptomator change password mac

To answer your specific question, there is not such a thing as “residual security advantage or disadvantage” in regards to the vault’s password. However, there is indeed something that you have to consider when setting/changing a password.

I’ll try to explain what happens so that Cryptomator is not a black box for you anymore. The following is also described in detail in the security architecture.

Every vault has a masterkey (two 256 bit keys that have been randomly generated in a cryptographically secure way). If an attacker tried to gain access to such a vault, they would need to brute force the 256 bit keys, which is basically impossible.

But that’s not the whole story. As you can imagine, nobody is able to remember a 256 bit key. That’s why the vault’s masterkey can be derived from a user-assigned password, which is much more user-friendly. This password is secured against brute-force attacks via a key derivation function, in this case called scrypt.

All the relevant information is stored inside the masterkey.cryptomator file. So for an attacker, it might make more sense to try to brute force the user-assigned password instead of the actual masterkey itself. Indeed, a 15 character password could be less secure than a 25 character password.

So what does this actually mean in your scenario? Let’s say you create a vault with a 15 character password. As I’ve mentioned, the information is now stored in masterkey.cryptomator. After that, you change the password to something with 25 characters, believing that it’s more secure. Then the masterkey.cryptomator file will be replaced with the new information. (Edit: Keep in mind that the randomly generated masterkey stays the same.)

In this case, you have to ask yourself the following questions: Are there any backup files of masterkey.cryptomator? If yes, they can technically be used to unlock the vault. Are there older revisions of masterkey.cryptomator in the cloud that could be restored? If yes, they can technically be used to unlock the vault.

So even though you’ve changed the password to a more secure one, you have to make sure that the old password can’t be used anymore (delete the backups and/or older revisions in the cloud).
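The password-change scenario on this page, as an added example that is not Cryptomator's code or its real file format: a random masterkey is wrapped under a scrypt-derived key, the password is changed, and an old copy of the key file is then tried with the old password. The HMAC-based wrap (a stand-in for a real key-wrap cipher), the scrypt cost values, the dictionary layout and both passwords are assumptions made for illustration.

```python
import hashlib, hmac, os

OLD_PW = "correct-horse-1"            # constructed 15-character password
NEW_PW = "correct-horse-battery-25!"  # constructed 25-character password

def derive_kek(password, salt):
    # scrypt turns the password into a 64-byte key-encryption key (cost values assumed).
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=64)

def keystream(key, length):
    # Toy stand-in for a real key-wrap cipher: HMAC-SHA256 in counter mode.
    blocks = (hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def wrap(masterkey, password):
    # Produces the hypothetical key file: salt, wrapped masterkey, integrity tag.
    salt = os.urandom(16)
    kek = derive_kek(password, salt)
    wrapped = bytes(a ^ b for a, b in zip(masterkey, keystream(kek[:32], len(masterkey))))
    tag = hmac.new(kek[32:], wrapped, hashlib.sha256).digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}

def unlock(keyfile, password):
    # Returns the masterkey, or None when the password does not match this file.
    kek = derive_kek(password, keyfile["salt"])
    tag = hmac.new(kek[32:], keyfile["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, keyfile["tag"]):
        return None
    pad = keystream(kek[:32], len(keyfile["wrapped"]))
    return bytes(a ^ b for a, b in zip(keyfile["wrapped"], pad))

def change_password(keyfile, old_pw, new_pw):
    # Only the wrapping changes; the masterkey itself is carried over unchanged.
    masterkey = unlock(keyfile, old_pw)
    if masterkey is None:
        raise ValueError("old password is wrong")
    return wrap(masterkey, new_pw)

def demo():
    masterkey = os.urandom(64)               # two random 256-bit keys
    backup = wrap(masterkey, OLD_PW)         # old revision left in the cloud
    current = change_password(backup, OLD_PW, NEW_PW)
    return {
        "new_pw_opens_current": unlock(current, NEW_PW) == masterkey,
        "old_pw_opens_current": unlock(current, OLD_PW) is not None,
        "old_pw_opens_backup": unlock(backup, OLD_PW) == masterkey,
    }

if __name__ == "__main__":
    print(demo())
```

The old password is rejected by the current key file but still recovers the same masterkey from the retained copy, which is why old revisions and backups of the key file have to be deleted after a password change.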
