How safe are the encryption keys in version 9?

English Support for Syncovery on Windows.
tobias
Posts: 1603
Joined: Tue Mar 31, 2020 7:37 pm

Re: How safe are the encryption keys in version 9?

Post by tobias »

Hello,
yes, lots of progress. A beta should be available in around a week or so.

tobias
Posts: 1603
Joined: Tue Mar 31, 2020 7:37 pm

Re: How safe are the encryption keys in version 9?

Post by tobias »

Hello,
the first beta version of Syncovery 9.40 is now available on our Windows download page. It will allow you to encrypt your credentials and passwords in a safe way, or in the Windows Credential Manager.

See our new post here:
https://www.syncovery.com/documentation ... ncryption/

Before encrypting your settings, Syncovery will offer to make an encrypted backup of your Syncovery.ini file. While the beta version might break some workflows, in general it should work fine. Please submit any bug reports to support@syncovery.com.

tobias
Posts: 1603
Joined: Tue Mar 31, 2020 7:37 pm

Re: How safe are the encryption keys in version 9?

Post by tobias »

As an example, here are my personal settings:
credentialsencryption.png
credentialsencryption.png (36.82 KiB) Viewed 3984 times

Contractor5Prepays9
Posts: 76
Joined: Wed Sep 23, 2020 10:38 pm

Re: How safe are the encryption keys in version 9?

Post by Contractor5Prepays9 »

thanks !
I will experiment (may take a couple weeks, i am trying to fix my 3d printer, 3 month downtime...)

QUESTIONS
if i have this as medium safe, with an encryption key on the machine - then machine blows up, and i want to download from cloud on another machine, and i have teh INI file - can it be opened in any manner?

ASSUMING that the key is specific to this machine, and that INI file might not be able to be opened -
how to make a COPY of thhe INI file - one with password protection, and one with key encryption?

for scenario, can I take my current INI, password protect it (main.ini - password protected)
make a COPY of it (main-COPY.ini), and CHANGE the password setting, eitehr directly to ENCRYPTION KEY tied to this machine?
or
remove password, save, then rechange option to encryption key for this machine?

Just evaluating what to do to ensure portability, along with encryption

thanks

tobias
Posts: 1603
Joined: Tue Mar 31, 2020 7:37 pm

Re: How safe are the encryption keys in version 9?

Post by tobias »

Hello,
if it's machine-specific, the passwords will be lost when you copy it to another machine.

But the profiles will still be there, so you can just re-enter the passwords and re-authenticate Syncovery with cloud services.

To avoid that, you can protect the settings with a password instead of an automatic key.

Yes you could switch to password, then make a copy of Syncovery.ini, and then switch back to automatic key generation.

But I think that using a password + "Use Windows Credential Manager to Remember Configuration File Password Phrase" is at least as safe as the automatic keys. That way, you don't have to re-enter the password every time.

Just avoid the first checkbox "Store Password in the Windows Credential Manager". That would save all passwords in the Windows password store and no passwords in the Syncovery.ini.

I need to add an option to export the config password protected but not machine specific.

Contractor5Prepays9
Posts: 76
Joined: Wed Sep 23, 2020 10:38 pm

Re: How safe are the encryption keys in version 9?

Post by Contractor5Prepays9 »

thanks for reply
i will probably select PASSWORD, because even a simple password will lock the INI from prying eyes.
and mostly, my machines have windows 10 pro with bitlocker on them.
but there are times where i may use a USB stick, in emergencies, etc, and that is where i need the protection the most, even if rarely.
again, i will experiment
nick

tobias
Posts: 1603
Joined: Tue Mar 31, 2020 7:37 pm

Re: How safe are the encryption keys in version 9?

Post by tobias »

Hello,
I wanted to let you know that v9.40 is now available as a Release Candidate with some improvements over the beta (lots of small things, please don't ask ...).

tobias
Posts: 1603
Joined: Tue Mar 31, 2020 7:37 pm

Re: How safe are the encryption keys in version 9?

Post by tobias »

Hello,
Syncovery 9.40 has now been fully released, after extensive testing. It will now encrypt your passwords securely.

Gabri.91
Posts: 3
Joined: Sun Dec 19, 2021 10:36 am

Re: How safe are the encryption keys in version 9?

Post by Gabri.91 »

Hello Tobias,
is it possible to encrypt also the encryption key used under "Compress/Encrypt"? Or it's already protected in another way?

Thanks

tobias
Posts: 1603
Joined: Tue Mar 31, 2020 7:37 pm

Re: How safe are the encryption keys in version 9?

Post by tobias »

Hello,
yes it is stored with secure encryption in the latest Syncovery 9.4x.

Please see the encryption settings on the Program Settings dialog, first tab sheet.

Post Reply