Forums Community encrypt files in folders & subfolders

This topic contains 19 replies, has 2 voices, and was last updated by  Svante 1 month, 3 weeks ago.

Viewing 15 posts - 1 through 15 (of 20 total)
  • Author
    Posts
  • #4552 Reply

    skipro

    If I encrypt a folder are all the files in all subfolders at all levels also encrypted?

    What is the difference if I right click/encrypt a folder or if I put it into the folder section on the dashboard?

    What is the difference if I right click a folder and select “encrypt” in the free and Premium version?

    #4553 Reply

    Svante
    Keymaster

    Hi skipro,

    No, right now we don’t support recursive encryption of folders. See https://bitbucket.org/axantum/axcrypt-net/issues/191/add-option-for-recursive-operation .

    The difference between encrypting the files in a folder with right-click and using the secured folder feature is that the latter will monitor the folder, and allow you to encrypt all unencrypted files there with a single click (or when you sign out or exit AxCrypt).

    The difference between encrypting with an active Premium subscription, or without with AxCrypt Free is that with Premium it encrypts using AES-256 and with Free AES-128.

    #4558 Reply

    skipro

    Svante,

    Thank you for your response.

    Is the lack of recursive encryption of folders a technical problem? It seems that it would be extremely helpful to many, myself included.

    #4587 Reply

    Svante
    Keymaster

    Hello skipro,

    No, it’s not a technical problem, it’s a usability problem. We’ve had too many users making mistakes with the very powerful function of recursive folder encryption (i.e. Encrypt from c:\ for example…).

    We’re considering ways to make the function more failsafe, while still useful.

    #4611 Reply

    skipro

    Svante,

    I appreciate the potential problems but to exclude a hugely convenient function as  a result of caution is , in my opinion, too drastic. Safeguards can be included, some as simple as a warning message [or several], more steps to accept function if the folders are on “C:” and a default “off” with the option to enable, just to name a few. Encryption by nature is a risk, i.e. lose the password. I feel this added function has far more up sides than downsides.

    Don’t neuter the app to make it foolproof. Impossible to do and I do not feel that should be the primary goal; efficiency and workability should be at the top of the list along side security. User beware, with any encryption app.

    Option: A different version with this built in. Now the user has options. May be overkill when this function can be included as an option.

    I hope you reconsider.   Thanks.

     

     

    I hope you reconsider.

    #4613 Reply

    Svante
    Keymaster

    Hi skipro!

    I mostly agree, it’s just that I’ve been on the end of trying to explain to user that he just irrevocably destroyed both all of his files and his computer OS installation (encrypted too much + lost password). In that situation, it’s tough to have to say “well it’s at your own risk, and you made the mistake”.

    So, while we can’t make it foolproof, we need to make it almost… So, all of your ideas are under consideration, and we will implement it.

    The current plan is to move all options to a single page of advanced options, with some extra precautions against changing them – i.e. a warning dialog and explicit user consent by typing your password or something like that. We don’t really like options at all, but some are unavoidable and this is probably one of them.

    So, we won’t need to reconsider, we just have to get to it. Right now mobile apps are taking a lot of our available development time. We’ll get there.

    #4614 Reply

    skipro

    Svante,
    Again, thank you for your attention and reply.

    1st, my rant:
    Encryption creates strong security only if it cannot be violated. Security and access are inversely proportional. Increase one, the other decreases, and inversely. You are paid [hopefully] to provide a dependable and NARROWEST portal possible. Why would you need to apologize for providing what is requested, an app that provides a high level of security? Strong security [encryption], loss of the portal [password], and subsequent loss of access to data/information/files are interminably entangled and an inherent risk, as in many security operations. It is not the responsibility of the encryption app or by extension, the developer, to untangle this web or diminish these risks.
    Also, passwords can be securely “stored” by the user with a little imagination and/or effort.
    OK, I feel better now.
    An aside; convenience is secondary, which you have nicely addressed via your account approach.

    My thoughts:
    1) An AxCrypt lite, with a “reduced level of security disclaimer” with backdoors, retrievable passwords. With a per
    retrieval fee.
    2) A password retrieval or reset service, for a fee.
    3) With “System” or critical OS folders and files
    3a) Limit encryption on these folders and files.
    3b) When encrypting these folders/files include a blizzard of warnings, “Are you sure?”, “This is dangerous.”,
    “Don’t blame me.” and/or disclaimers.
    4) Include general disclaimers on installation:
    4a) “Use encryption at your own risk. If you cannot provide the correct password, you will not have access to
    encrypted folders and/or files.”
    4b) “We cannot retrieve your encrypted folders and/or files, Don’t even ask.”
    4c) “Encrypting folders and files required to boot or run your operating system or any other program is
    highly discouraged and can prevent access to your OS or programs.”
    ” Do not activate recursive encryption when encrypting folders and/or files on “C:” drive.”
    5) When activating the recursive option, make them acknowledge [check off], “I accept this inherent risk”.
    6) Require an extra “accept risk” click for all recursive encryption. [Not my personal favorite, cumbersome.]

    I applaud you for considering this function as it is sorely missing in encryption software. Though it is usually available in drive/virtual drive/disk encryption programs, these cannot be used in many circumstances.
    This would make a major improvement in an already really good program.
    Hurry.  [grin]

    #4615 Reply

    Svante
    Keymaster

    Hi again skipro (like the tag by the way, I read it as ski-pro ;-),

    All your points are essentially valid, and I certainly agree that it’s kind of the point of encryption – if you don’t know the password you can’t decrypt. But… This is where reality makes itself known, and some users are just not careful enough, and while it’s not our formal responsibility to protect these users from themselves, the fact is a lot of our users are attracted by the simple operation – and thus also have pretty vague ideas about what’s really going on.

    Still, glad you feel better for getting the rant off your chest, and as I said – in princple I agree.

    We’ll get to this function soon enough I hope, you’re not the only one asking!

    #5229 Reply

    Cees

    Hello,

    I will be waiting until this feature is available with upgrading to Pro.  For me it does not work when I can’t encrypt files in folders and subfolders at the same time.

    So if you could let us know when it should be available………

    Thanks

    #5230 Reply

    Svante
    Keymaster

    Hello Cees!

    Thanks for the feedback, it’s high on the prio list… You can monitor progress here: https://bitbucket.org/axantum/axcrypt-net/issues/191/add-option-for-recursive-operation .

    #5231 Reply

    Joshua

    skipro and Cees,

    I too am waiting for this feature and have been monitoring this forum for an update.

    Until it’s introduced I’m using a free piece of software from Jetico. It’s fully functional and open source but unlike AxCrypt it allows recursive folder encryption. You right click on a folder and can make it an encrypted archive. The next time you double click on it you’re asked for the password and then it opens up the folder tree in the application.

    It only runs on Windows and is 2.5 MB. There are no mobile apps for it. The download is here.

    #5442 Reply

    Adam T

    I am a Pro subscriber. I have been searching for a explanation for why my sub-folders are not automatically encrypted. I subsequently found this thread.

    I wanted to use AxCrypt to keep all of the files on my laptop encrypted automatically. I did not want to have to manually encrypt all of my sub-folders. This is very inconvenient, and also poses the risk that I will forget to encrypt a new folder and therefore leave the data unencrypted. I would not have used your software, or purchased a subscription, if I had known that recursive encryption was unavailable. When do you think the feature will be added?

    #5443 Reply

    Adam T

    I would like to add that…

    I only recently realized that the sub-folders remain unencrypted. Having unencrypted folders sitting inside a folder that is supposed to be automatically encrypted is extremely counter intuitive and should have been highlighted in your product description. There are probably many other Axcrypt users who have been under the FALSE impression that there sub-folders have been automatically encrypted, thereby leaving their data unsafe!

    I have hundreds of sub-folders. I am simply not willing to encrypt them all individually. If the recursive feature is not going to be available in the next couple of weeks, I would like to request a refund on my subscription.

    #5447 Reply

    Svante
    Keymaster

    Hello Adam T,

    It’s one of these features that are required by some users, and cause significant problems for other users.  It’s on our to-do list, you can follow it here: https://bitbucket.org/axantum/axcrypt-net/issues/191/add-option-for-recursive-operation .

    I can’t promise any delivery date for this, but it should not be too far off. It’s much requested and it’s not really that technically difficult – although there’s more to it than it may seem…

    #5448 Reply

    William

    I’d like to ask that you add a warning in very simple terms with wording to the effect of;

    “You are activating recursive folder/directory encryption. Do not proceed unless you fully understand the consequences of this feature. If you are at all unsure, cancel now to avoid loss of data and consult the user guide. To proceed please type the words: I understand. “

    Nobody can then blame AxCrypt if they lose their data. By requiring the user to type in two words it removes the possibility of accidentally clicking a ‘Yes’ or ‘No’ button. You may also consider adding the option to the settings to allow a user to remove the requirement to type two words but you’d still offer a binary (Yes / No) warning prompt.

    I’d even consider an additional warning prompt if they try to encrypt a folder like Program Data, Program Files, Windows etc. Perhaps;

    “The folder you are attempting to encrypt is critical to system operation. You should not encrypt this folder as you will almost certainly damage your system. If you are 100% certain you wish to proceed type the word: Dangerous. AxCrypt cannot be held responsible for the consequences of ignoring this advice.”

Viewing 15 posts - 1 through 15 (of 20 total)
Reply To: encrypt files in folders & subfolders
Your information: