Forums Bugs & issues Auto sign out options

This topic contains 38 replies, has 2 voices, and was last updated by  Svante 9 months, 3 weeks ago.

Viewing 9 posts - 31 through 39 (of 39 total)
  • Author
    Posts
  • #5198 Reply

    Brian

    (This post has been edited by a moderator due to irrelevant personal references)

     

    (Redacted)

    • Who will benefit from “the ‘unlock each time’ security feature”?
    • Give me an example of why somebody wouldn’t or “cant for some reason use a screen saver password”
    •      If the answer is that it’s not their computer then AxCrypt won’t provide any protection anyway.
    • What the benefit of the ‘unlock each time’ feature would be for users who “savvy enough to understand the limitations and extent”?
    •      If somebody truly understands the limitations and extent they’ll realise that requiring ‘unlock each time’ will not give them any extra security.
    • Why is a “screen saver with password alone is not sufficient to prevent somebody with physical access to your hard drive from operating on or taking the data on your drive.”
    •      How could you bypass the screensaver without AxCrypt destroying your encryption keys from memory? Restarting your computer (which is the only way to bypass the Windows lock screen or screensaver on any version of Windows) will result in the password being required by AxCrypt.
    • The security measures “above are not activated by default in a number of operating systems”.
    •      So what? AxCrypt has built-in protection against this. Once the screensaver is deactivated AxCrypt will require the password. You don’t need full disk encryption, device locking etc. to benefit from AxCrypt’s protection.
    • How can “someone with physical access to their drives can potentially operate on their data” considering the protections AxCrypt put in place?

    (Edited) Please give a credible scenario and examples of how it can be bypassed.

    (Edited) Referring to Svante’s article previously quoted, what parts are debatable?

     

    • This reply was modified 2 years, 7 months ago by  Svante. Reason: Irrelevant personal references
    #5201 Reply

    Svante
    Keymaster

    Sorry guys! I really like the discussion, but not the implied/expressed personal stuff, so I did some insenstive hacking to the posts removing and editing some parts.

    I think your posts still contain the same information and opinions,  just with focus on the subject matter.

    I can’t keep doing this though, so if it keeps getting out of hand again, I’ll have to shut it down.

    I’m trying to be impartial three ways here, but if you think I can handle this situation better – please drop me an email via support@axcrypt.net . Just refer to me, and it’ll get to me. Don’t post meta discussions about this discussion here.

    #5298 Reply

    Roque

    I do not want to be repetitive but I would like the auto sign out feature back. I read through all the reasons here and I still feel that this features is important. I feel safer when I know that if for some reason someone is using my computer (sometimes I want to borrow it for a presentation, etc.) they can not have access to my information.

    So add me to the people that is requesting this feature

     

    #5308 Reply

    Svante
    Keymaster

    Roque,

    Thank you for your input. It’s on the to-do list.

    #5451 Reply

    Svante
    Keymaster

    Dale, I did not see this before now, but it looks a little dangerous… Looks like it’ll kill AxCrypt. Since you refer to ‘autohotkey’ of which I know nothing, but from the name it seems it could send keystrokes. Can’t you write a similar script that just signs the user out instead of killing the process?

    #7050 Reply

    Ted

    Hey everyone, I just installed version 2 of AxCrypt on my desktop (as part of getting the mobile version) and like the others here, am VERY disappointed that it no longer requires a password to view or decrypt each file individually. Having found this thread and read all the posts, I completely agree with Peter, Dale and Roque. Any use of encryption is better than none, and if we wish to use this product in the manner implemented so beautifully in version 1, we should have that option. I really hope you can add that feature soon, since I’m positive we’re not the only four on this planet who feel this way. Thanks!

    #7051 Reply

    Svante
    Keymaster

    Hello Ted,

    Thanks for your input. No, you’re not the only ones with this view. On the other hand we have also quite a few who initially say this, but then come back after a little time and say they now realize how much better the AxCrypt 2 way is ;-)

    Please read this also https://www.axcrypt.net/blog/leaving-computer-axcrypt/ before forming your final opinion.

    That being said, we’re working on it…

    #11908 Reply

    Tracy Burroughs

    Have been using version 1 and just moved up to 2; also very disappointed with the lack of support for multiple passwords… and lack of support for requiring a password every time a file is opened.

    My household has multiple family members, each with their own computer; own passwords. Axcrypt 2 works for that; however, everybody’s files are backed up to a shared drive, and replicated to one shared computer… thus we have multiple passwords on that shared computer.

    The shared computer is locked in my house… for convenience, I’d rather not have it screen lock.  Perhaps it is unusual, but I trust my family. It would be great if any family member is using the shared computer, they would just be prompted for their password when opening their file… but more importantly, prompted to set a password when they create a new encrypted file… so when it is replicated to their individual computer, it is encrypted with their password, not the password of the last family member to log into axcrypt. Yes, I could have multiple accounts on the shared computer (and actually do), but it is far more convenient to not have to logout/login every time someone wants to use it.

    For the shared computer in my house; I’m generally not concerned about security… unless someone breaks into my house and steals it… in which case I’d really prefer that they had to enter a password to unlock the files.  Seems unlikely someone would break into my house just to install a key logger on my shared computer; could happen, but a risk I’m willing to live with for the convenience of having an easily accessible shared computer.

    Security is all about understanding and accessing risk. I’d like axcrypt to support my acceptable level of risk.  Seems others would too. I don’t mind if AxCrypt defaults to very secure behavior, and even makes me read a warning to change that… but I’d still like the option, the option to select my own level of risk.

    #11932 Reply

    Svante
    Keymaster

    Hello Tracy,

    Thank you for the detailed well-reasoned description of your use case.

    Unfortunately, we just won’t support that use case. The reason is that for the situation you describe, using AxCrypt or any kind of encryption is just simply massive overkill – and may also lull some users into feeling secure. But they are not.

    I fully understand the reasoning between having the option to disable some features or configure for your own perceived level of security. Perhaps you are in fact fully informed and this is just what you want and need. Problem is that it’s very unusual.

    We have experience from millions of users of AxCrypt in both version 1 and 2, and we are very sure that enabling your use case, will cause many to believe it’s a better situation than it is.

    At the very least, we recommend that separate users have separate accounts on the computer – they don’t have to have strong passwords (or even any passsword!). This is both more convenient – each user gets their own bookmarks, recently used items in Windows etc etc. And AxCrypt gets a chance to invalidate the current sign in session at the appropriate time.

Viewing 9 posts - 31 through 39 (of 39 total)
Reply To: Auto sign out options
Your information: