Hello Jimb and Robin,
Point of clarification – AxCrypt 1 is a pure symmetrical crypto system. AxCrypt 2 is extended with some asymmetrical functionality.
We store the private asymmetrical key on our servers, and on your local PC. It’s encrypted with your current passhrase. If your current passphrase is compromised *and* the attacker has access to the private encrypted key, then *changing* the passphrase on our servers won’t stop that attacker. You’ll have to re-encrypt the files with a new public key. This, however, is no worse than before, in fact it’s the same. If your passphrase was compromised, you’d have to re-encrypt files with a new passphrase before the attacker could get at the files.