May 27, 2019 at 12:58 #13754
I want to explain how disappointed and terrified I was a few days ago when I discovered how AxCrypt works.
I found out that anyone with MINIMUM computer skills CAN ACCESS MY “ENCRYPTED FILES” if they have physical access to my device.
The reason why I am posting it is that I am going to post it on many major forums but would like to see what AxCrypt has to say in the first place.
So I was using a USB bootable drive where had a fresh Windows 10 system installed. I was booting my WIN 10 from pen drive and using it on different PC. I downloaded and started using AxCrypt as was described on many forums and websites as one of the best encryption software. Yes, it`s easy to use and Yes seemed fine. But not anymore.
So I had quite a few files encrypted but what I was really important that was one .txt file with my passwords, btc wallet addresses, and passwords, some personal sensitive information, etc. So that one file was everything to me and didn
t want anyone unauthorized to access it. Everything was fine as I thought and one day I inserted another pen drive while running OS from a pen drive and wanted to format it but by accident ticked the one that had my OS on it. There was an attempt to format and then after 2sek, my OS crashed. I was terrified as there was a lot of my savings on these accounts. And the thing is in that OS i had AxCrypt installed under some burner email as I didnt know if it’s safe to give Yours as it might be accessed and then… You understand my worries. So I didn
t remember what my AxCrypt email/id was I just knew the password so wanted to recover some information from AxCrypt folder hoping I will find some files with email I used. First I had to use MiniTool recovery software to recover partition and then started looking... I came across AppData than Local than AxCrypt and than some subfolders. In one of the subfolders, I found the file I was using decrypted. The last date modified on that file was a day before from the system crash. Even though from that date I accessed that file many, many times. I was happy I got all my passwords and notes etc, etc but at the same time terrified that my data wasnt protected for all that time.
SO MY CONCLUSION is that <strong>AxCrypt</strong> MIGHT work and protect Your files but <strong>DEFINITELY WON`T PROTECT YOUR FILES WHEN SOMEONE HAS PHYSICAL ACCESS TO YOUR DEVICE, IT BECOMES USELESS.
Even if the file was created at the time of the system crash (which wasn
t because was created over 24h before) it DOES NOT matter. I would and many of users already agreed with me, prefer to lose the latest information which hasnt been saved than let to store for such a long time an unencrypted copy of that file where anyone who has access to the device can access it. That makes no sense. And just to mention there were 4 more subdirectories with files I haven`t used in weeks – also decrypted.
So I feel that information should be available to people who want to use this software to warn them that if they are using it on their laptop or USB drive which can be stolen/lost/accessed at work etc, etc, they should be aware that there are copies of their files that can be easily accessed by anyone with minimum knowledge how to use a PC.
Of course, I will never use AxCrypt for anything that is valuable maybe in case I don`t want my kids to access something but any other case there is no way after discovering that my encrypted files with strong password are easily accessed without any effort.
So why AxCrypt keeps unencrypted copies of files for weeks?? And to make it really easy in AxCrypt folder? Why users don`t know anything about it?
zarrulerMay 27, 2019 at 23:53 #13758
The reason why I am posting it is that I am going to post it on many major forums
Your ignorance of how computers work will be by derided by intelligent people on those “major forums”.
There was an attempt to format and then after 2sek, my OS crashed.
Your OS is king. If it crashes there’s nothing any security software can do to help.
So my conclusion is that AxCrypt might work and protect your files but definitely won’t protect your files when someone has physical access to your device, it becomes useless.
Obviously – if somebody has physical access to your device it’s not your computer any more.
I would and many of users already agreed with me, prefer to lose the latest information
You’re wrong – many users don’t want to lose their data. Both Microsoft and Apple save files regularly in the event of a system crash because that’s what people want: you do not know better than these two multi-billion dollar technology companies.
…they should be aware that there are copies of their files that can be easily accessed by anyone with minimum knowledge how to use a PC.
Anybody with a “minimum knowledge” of computers would use full-disk encryption like Microsoft BitLocker / Drive Encryption. Then, if their system crashed, the files on the disk are unreadable.
Of course, I will never use AxCrypt for anything that is valuable
Then you’re lessening your security. AxCrypt is part of a security strengthening strategy.
So why AxCrypt keeps unencrypted copies of files for weeks?? And to make it really easy in AxCrypt folder? Why users don’t know anything about it?
That’s why the files are in the AxCrypt folder (so users know about them). If you can’t be bothered checking that folder then nobody can help you.
If you want to securely delete those files then press the broom in AxCrypt or manually delete them. Simple.May 30, 2019 at 13:31 #13775
Why AxCrypt keeps unencrypted copies of files for weeks?? And to make it really easy in AxCrypt folder? Why users don’t know anything about it?
AxCrypt works by decrypting files temporarily and then launching the appropriate application for the decrypted file, which thus is entirely unaware of AxCrypt. AxCrypt monitors the system for the launched app to exit, and when it detects this it will re-encrypt the file and wipe(overwrite) the decrypted file and then delete it.
AxCrypt will create a random temporary folder under the specified path to keep the decrypted copy of the encrypted file. The location(C:\Users\’user name’ \AppData\Local\AxCrypt) is for the temporary decrypted copies of the files. Those will either be cleaned automatically at the earliest opportunity or when you click the red clean “broom” icon in AxCrypt.
Note: The temporary files will be removed as soon as the opened encrypted file closed/signed out from the AxCrypt app.
AxCrypt 2 uses a more robust method for the automatic re-encryption, which sometimes means you as the user have to tell AxCrypt to do it. You’ll see this by the “broom” icon becoming red. This indicates there’s something in need of “clean up”, i.e. re-encryption.
Now the AxCrypt app do not allow the users to exit the AxCrypt app when the encrypted files are opened/pending for re-encryption.