Forums Community Some questions Reply To: Some questions

#4902 Reply


Thank you for that comprehensive answer Svante :-)

What had originally confused me was how an old password could be used to decrypt a file if the key pairs were being regenerated. However I now understand that you retain the old key pair(s) so that if a user resets his password (and subsequently remembers his old one) that he can still decrypt previously encrypted data. Depending upon how many times a user forgets his password you may end up with a lot of key pairs on your servers!

I also wasn’t exactly clear on the difference between a password reset and a change but I now believe this to mean:

  • A password reset regenerates the key pairs
  • A password change re-wraps the existing key pairs

Assuming that I’ve understood your answers (i.e. my summary above is correct) then the only question I’d like clarification on is this:

“Yes. New encryption operations will use AES-128, but otherwise it all keeps on working.”

If as a premium user I share an AES-256 encrypted file with a free user will it still encrypt with AES-128 even though they’re sharing with a premium user?

Thanks again. ;-)