Adding Files or Folders to A Vault - Copy or Move?

Really basic question. Many videos showing people dragging and dropping files or folders to a Cryptomator virtual vault drive, but in Windows this action merely makes a copy of the folder or files in the vault, and leaves the original folder or files in place. This seems to defeat the purpose of CM if you have two copies of a file (the original unencrypted version and the encrypted copy in the CM vault). If you make edits in the original, nothing changes in the Vault version. So my question is…you should MOVE files/folders to vaults, NOT copy them over, correct?

Well, I guess that’s a question for what purpose you want to use Cryptomator.
In my case the vaults are just for online backup purposes. I’m not working directly with the files in. So I of course copy the files and do not move them.

By the way: you could be interested in this thread and why moving files into a vault on windows is technically nothing else than copy them and delete the „original“

And last but not least: Cryptomator is designed for online storage purposes. If you „just“ want to encrypt your local files, you might want to consider tools that are made especially for this purpose, like veracrypt.

Thanks Michael, but there is more to my purpose, perhaps some additional details will help. My purpose in using Cryptomator + Google Drive in combination is 1) to encrypt very sensitive data (i.e., Medical records, bank records, taxes)…AND2) to store these encrypted files somewhere OFF my local machine in case of a hard drive failure or my laptop getting stolen (I just learned my lesson recently with an external drive failing on me with no backups).

So if I leave the original files in MY DOCUMENTS, and merely create a copy in a vault, I have failed on BOTH goals, because 1) if I make any changes to the original files (the ones NOT in a vault), those changes will not be in the encrypted versions, …and…2) additionally, if my local drive fails at some point, I would lose the most recent versions (yes, I’d have the encrypted ones but they may not be the most recent versions).

So…I can’t see a reason why (or if it makes any sense) to have BOTH encrypted (in CM) and unencrypted (local drive) versions of the same files. Again, I’m just hoping to confirm that the way I am doing it is the right way and I’m not missing something.

Regarding Veracrypt - I am very familiar with it and its a great tool for local encryption as you said, BUT again, if your drive fails or your machine is stolen, it won’t do you much good.

I see. Well, in my setup there’s of course a backup tool that copy all new or changed files into my vault. Other ways that wouldn’t make sense, as you already mentioned.

You don’t. If you want to store files encrypted online, Cryptomator is a good choice.
But please keep in mind that Cryptomator is not a backup solution and does not counter the risk of data loss/damage. It „just“ covers privacy concerns with its encryption.

What do you use to sync them? And are you not concerned that you have unencrypted copies of the same files you have in your vault(s), or ar you not using it for the encryption benefits?

I agree, thats why i am pairing it with Google Drive, otherwise I could just encrypt locally and use Veracrypt

I use this tool for my backups (and for sftp syncs as well)

No I’m not concerned for various reasons. But if I were, I’d encrypt my complete system, not only a part of it. Eg with veracrypt, or maybe bitdefender.

and what would be your next step if you came home and found your laptop stolen using only Veracrypt locally??

I cannot answer your question because I would never have only a local backup. As I said I’m using Cryptomator for my online stored backups.

Answering the original question: Yes, you should move files to a Cryptomator drive/folder and then access them directly from there with your software.

For drag and drop, Windows changes its default action based on context:

  1. When the source and destination are different hard drives, it copies.
  2. When the source and destination are the same hard drive it moves.

With Cryptomator, you have two options when mounting vaults.

  1. As a separate hard drive letter.
  2. As a folder under your current hard drive.

When you mount a vault on a new hard drive letter, drag-and-drop will do a copy.
When you mount a vault on a folder under your current hard drive (C:) it will do a move.

At our site, we have the Cryptomator vault mounted as a directory in a folder so it appears seamlessly as part of the same filesystem. If we drag files to the vault it does a Move. The files are always encrypted and never stored unencrypted on the local filesystem. The vault is maintained on Google Drive using their Drive File Stream tool.

However, as noted by Michael, we still have to do backups. We are doing backups of both the encrypted vault and the unencrypted files (just to be safe).


Regarding the question about sync software…

I have a very similar situation to your own in that I have a relatively small set of important files I want to store in Cryptomator Cloud.

I use FreeFileSync and its companion program, RealTimeSync. Not hard to set up and designed specifically for directory sync. Well-documented also. With this combination, copying can be fully automatic and happen any time a file is changed.

I would not recommend deleting the originals and using only the Cryptomator files, but that’s just me. I don’t worry about the duplicate space because the overall space needed is small. Plus, you’re back to a single copy at that point, which for me is not sufficient for these files.

Just a short remarck to avoid confusion: There exists nothing like a Cryptomator Cloud. Please do not use this term. We do not offer cloud storage or service.

Cryptomator is an encryption tool which encryption process and output are optimized to be used in combination with file synchronization.

Indeed. Very poor choice of words on my part. Thanks for the correction.