July 8, 2016 at 07:06 #3706
I am used to the old one where it will not open a file till I input the password, so how do I sign in to do this . I do not want it opening up as soon as I click on the file. I cannot find a way to sign in.July 8, 2016 at 08:03 #3708
I’m not quite sure I follow…
You need to sign in to AxCrypt like this:
After you have signed in, files will open without needing a password and you can encrypt files without specifying a password.
You will remain signed in, until you sign out, your screen saver goes active, your computer goes to sleep, your Windows session is logged or you shut down your computer.July 20, 2016 at 18:48 #3787
Uninstalled and went back to Version 1.July 20, 2016 at 18:59 #3788
Thanks for taking time to let us know what you think.
However, we really, really do believe that it’s a step forward!
Give it a little time…
First of all – you say “The screenshot login shown on Svante’s post above is in addition to an individual encrypted file password“. This is not how it works – it’s only the first time until you’ve upgraded the old 1.x files which were encrypted with a different password than the one you made for your AxCrypt ID sign in. The upgrade is automatic for files you open, and you can also do batch conversion from the menu.
So, once the files are upgraded, and for all new files, it’s just the sign in password.
You also write “having to sign-in first time you use program in any session” and “doesn’t seem to ask for password on any subsequent encrypted document“. Well, you can’t have it both ways!
What we do, is just like AxCrypt 1. When you click on a file, we ask for the password – we just call it Sign In.
As for the fact that you don’t have to re-type the password all the time, that’s really something we’ve thought a lot about. Please do read the following http://www.axcrypt.net/blog/leaving-computer-axcrypt/ which discusses this feature and the rationale.
Also, please note, that this has always been an option for AxCrypt 1, to remember passwords, we just made it standard with AxCrypt 2 – partly because of confusion caused by the optional nature of the feature in AxCrypt 1.
Once again – thanks for letting us know. All input affects how we develop the software, and insipires us to work hard on clarifying matters such as these so that it’s clearer from the start how and why.July 22, 2016 at 21:19 #3799
I feel the same way ,I do not want it to open without me typing the password, I won’t use it .July 22, 2016 at 22:27 #3801
Before making that final decision, please read http://www.axcrypt.net/blog/leaving-computer-axcrypt/ and consider. It’s not a random decision, we put a lot of thought behind this.
SvanteJuly 26, 2016 at 00:54 #3815
I’ll just add my voice to the above users who prefer the previous model. I really, really wish you would go back to it. I would pay for that version.
I’ve read your explanation and no, it is not any more secure “theoretically” than AxCrypt’s current one password model, but in practice, it can be many times more secure. Your explanation compares AxCrypt’s “sign-in” model to entering the same password over and over again. This is a false comparison. What made the old AxCrypt so useful was that you could encrypt files with different passwords. Now, if the AxCrypt password is compromised (setting aside the fact that it leave you logged in), your entire system is accessible. File by file encryption allowed you compartmentalize this access. Yes, in theory if one password can be compromised, they all can, but this is not how things work in reality. AxCrypt’s current model is like using one password for all of your internet-related accounts. It increases usability but it massively decreases security. It’s not about a “feeling”, it’s about real access.
You also say AxCrypt is not really about local device security and to use BitLocker, etc. for that. But AxCrypt’s new model has essentially only made it useful for local device security and not much different from BitLocker in terms of practical use. Thanks.July 26, 2016 at 14:42 #3816
Thank you for your input!
Although we are not quite convinced by your arguments, it’s always good to hear different views about the issue. Although I don’t think we’ll “go back” to the old model completely, what we may do by popular demand ;-) is to make it optional to stay signed in. To be honest – I don’t see the point, but we’ve done other things that don’t really improve security to ease user adoption. As long as it doesn’t significantly hurt it, we’re fine with it.
Leaving that issue for now, I wonder if you could elaborate a little on your thinking when you say “AxCrypt’s new model has essentially only made it useful for local device security“. Here I don’t follow at all – AxCrypt is at it’s best for encrypting data that is shared via cloud services or email etc. How does your reasoning go here?July 29, 2016 at 05:31 #3823
Is thee any way to get the 1.7 version or any older version because when I right click and click decrypt it automatically decrypts it without a password, so that any one can see what you have encryptedJuly 30, 2016 at 11:16 #3828
You can always re-install version 1.7 or earlier. It is found at http://www.axantum.com/. However, please understand that version 2 will sign you out automatically when the screen saver goes active, you log out of Windows or your computer goes to sleep.
Please read http://www.axcrypt.net/blog/leaving-computer-axcrypt/ for a longer discussion of why you should not walk away from your computer regardless of what version of AxCrypt you are using.
SvanteNovember 25, 2016 at 15:06 #4726
I’m going against the flow here: I would like to have the option to automatically login without me having to type in the password.
I’m using AxCrypt to encrypt the files in the cloud only, my local files are already secure enough and I never leave my computer unattended without being locked. I frequently lock/unlock/reboot my windows session/computer and it pains me to have to login every time on top of the windows login.
There are different opinions and usage scenarios and I think the way to go is to make AxCrypt flexible enough to address the relevant ones. Setting up options to change how AxCrypt behaves on this matter would be a significant step to reach a wider variety of users, including the more advanced ones. These kind of login mode options could be configured in advanced settings not to scare or confuse new users with complexity.
As to questions like “if an automatic login is in place, then the password would have to be stored somewhere outside the program and could potentially be insecure, accessed and defeat the whole purpose of encryption”:
True that it would open the door for some security considerations but the option can be off by default and accompanied by text explaining the potential consequences and vulnerabilities, leaving the choice and responsability ultimately to the user.
It can even be simpler then that and just allow the program to launch or be controlled with the user/password as command line parameters with no changes to the GUI options, leaving the burden to secure the command line launch to the user.November 25, 2016 at 15:22 #4727
Hi João ,
I’m with you here, and I fully understand your reasoning. Unfortunately, not everyone can analyze the consequences like you have.
Regardless, adressing the issue of optional behavior around the sign in is high on the list of things to do. We’ll try to enable all levels, from your suggestion “Auto login with Windows”, to “Ask each and every time for the password”.