Cloud Passwords

Daddy · April 5, 2019, 9:07am

Hi There

I just started to test your nice piece of software and really like the fact that it can connect to external cloud drives and WebDAV.
To make these cloud connections work you have to put in the login credentials in the Cryptomator Application. (i mean the cloud passwords not the ones of the vaults)
After doing this once the password credentials of the cloud connection are stored somehow so next time Cryptomator automatically connects to the Cloud drives with the stored passwords.

So my question is how are the login credentials for the cloud drives and WebDAV connections stored and in what way are they protected.
Is there any encryption involved in storing the cloud password credentials?
This question is for all the OS’es (Win / Android / Linux / etc)
I hope it’s not some kind of plain text storage.

Looking forward to your reply.

Kind regards

Daddy

overheadhunter · April 5, 2019, 10:11am

On Windows/Linux Cryptomator just does the encryption part, you still need a 3rd party sync tool. So Cryptomator doesn’t have any contact with the passwords of the cloud storage providers at all.

On the mobile devices, the credentials are stored in the keychain of the operating system. There is no additional encryption done on our side (since the key would be needed to be hard-coded, which doesn’t improve anything).

I.e. the confidentiality of those passwords depend on the security of:

Daddy · April 5, 2019, 10:29am

Thnxs a lot very for the quick response ‘overheadhunter’
This fully answers my questions regarding the storage of the passwords.