April 20, 2019 at 16:17 #13527
Using Axcrypt 2.1.1573.0 for Windows, I noted today that, in the C:\Users\<username>\AppData\Local\AxCrypt folder, ther are many subfolders within which there are UNencrypted copies of files previously encrypted . . . and they don’t disappear when you exit the program or sign out & then exit the program (I always use the program in “Offline” mode). I don’t want any person or party to ever get hold of my computer and then find a whole bunch of sensitive files that are left in an UNencrypted state. Is it technically necessary to design the program to operate this way and, if so, why? Or is it an oversight in program design? If not techniclly necessary, do not leave whatever number of files that a user wants to be in an encrypted state to have copies saved in said user folder(s) in an UNencrypted state. How would you respond to this (and how do I deal with this seeming “security gap”)? I perhaps can understand that, while the program is open and in use, it might be technically necessary for the program to keep some of the user’s files in an UNencrypted in said folder(s) (though WHY?) . . . but, if not technically necessary for the program to operate in this way, then certainly when the program is exited, do not leave any number of sensitive files in an UNencrypted state on a user’s computer. It somewhat defeats the purpose of using the program.April 23, 2019 at 14:22 #13546
The location(C:\Users\’user name’\AppData\Local\AxCrypt) is for the temporary decrypted copies of the files. Those will either be cleaned automatically at the earliest opportunity or when you click the red clean “broom” icon in AxCrypt.
AxCrypt works by decrypting files temporarily and then launching the appropriate application for the decrypted file, which thus is entirely unaware of AxCrypt. AxCrypt monitors the system for the launched app to exit, and when it detects this it will re-encrypt the file and wipe (overwrite) the decrypted file and then delete it.
Please note: We have to close all the instance of the opened application to re-encrypt the files and clear the local cache.
Anyway, we will discuss with our team to alter/add extra feature to handle the temp files.