Forums Community Some questions Reply To: Some questions

#4903 Reply

Svante
Keymaster

Stephen,

First – you’re partially¬†correct on how an old password can be used to decrypt a file after the key pair is regenerated or otherwise lost. The other thing is that when a file is encrypted, the file master key is also encrypted symmetrically with the password in effect at that time. So, you can always decrypt a file, even without the key pair, if you know the password in effect at the time of encryption. This is a measure to reduce the risk of data loss. The most common cause of data loss in Windows is loss of the key pair associated with the Encrypting File System, EFS. We don’t want AxCrypt to have the same problem.

Second – When a Premium user sends an AES-256 to a free user, that free user can open it (if (s)he has the password / keypair). If (s)he updates the file causing it to be re-encrypted, it’ll be encrypted with AES-128.

In summary: Premium: Decrypts all. Encrypts with AES-256. Free: Decrypts all. Encrypts with AES-128.