[Feature Request] Unscrambled filenames for single-file recovery

Hi and welcome! :wave:

This isn’t a new feature request and technically it will be feasible. We haven’t fully decided which way to go, yet. Context menu integration in Windows Explorer, Finder, etc might be elegant but we will probably prefer a platform-independent approach that might involve dragging a decrypted file into some part of the Cryptomator UI to reveal the corresponding encrypted counterpart.

The technical parts of this feature are discussed with other open source devs on GitHub:

Hi overheadhunter, thanks for replying.
Glad to see that this idea is already under discussion.
As the first Github question you quote already suggests, I tend to believe that encrypting filenames should be a choice that any user should make when creating a new Vault.

If you plan to store in a Vault highly sensitive data, you should choose the “Encrypted filenames” option.
Otherwise, you may choose “Unecnrypted filenames”: less privacy, greater ease of restore.
(I think Cloudfogger used to do that, if I’m not wrong.)

I’ll stay tuned for that - it’s so fundamental IMHO. Bye!

How is the status? I need this function too. It’s very important for backups.

Making the name encryption an option upon creation of the vault would be the killer feature.
Reasons are as already mentioned - ease of restoring previous versions of files using web UI of the cloud provider.

Please do consider it for the nearer future <3

Thanks in advance!

Are there any news for this feature?

as you can see in the corresponding github issues: no.
But are you aware that it already is possible with 3rd party app to access your vault only online and therefore it is possible to download every single file from within a vault to your local system without the need to have the complete vault local? (unfortunately no linux support)

I like the feature request but please make it an option - some users want it and others don’t. I like the ability to sometimes, emphasize sometimes, see the data unecrypted at the local level but I would never want the data uploaded to the cloud with unencrypted file names. There is no reason to give someone greater interest by disclosing the name of a folder. Just my 2 cents.

1 Like

No worries:

If you want to restore an old version from the cloud, a decrypted name wouldn’t help anyway. After all, the revision history only knows the ciphertext names.

Therefore we would only implement a feature to point you to the corresponding ciphertext file, if you choose a cleartext file.

1 Like

My usecase is the same as Christians and therefore i need to identifiy which file is behinde the ciphered one.

And yeah like mwyarm said, it should be possible to choose if the filenames are encrypted or not.

I think its not very handy if i have to search for the corresponding ciphertext file. But sure it’s much safer than something else. So if only this works, that would be fine for me.

But the ciphertext names of old version in a cloud backup would be always the same, right?

The ciphertext name stays the same, if you edit a file. This way the version history of the cloud service can reliably work.

The only thing which could be problematic is to restore a deleted file. Or is it possible to identify a deleted file by the option you offered?

A deleted file inside an existing directory, yes. If the directory got deleted, it is no longer possible to map a cleartext path to a ciphertext one.

Oh okay, that’s bad. Because it won’t fit my needs then. I will be able to always restore deleted folders and files. So in that case it would be great when there is the possibility to decide wheter the file names are encrypted or not.

This is not planned, sorry.

What a pity. So it will not fit for me :frowning:

Why is it not planned? I guess the effort to implement this feature isn’t that much. Is it a strategic decision?

In addition to overheadhunter’s post:
Restoring should be a feature of your backup solution. Cryptomator is not a backup solution. It’s a privacy solution.
I recommend to have a look at you backup strategy/solution if you are missing the option to restore files you deleted by accident.

Sure, but if i can’t identifiy the uploaded files / folders in my backup solution by the name, i’m not able to restore them.

For example if i delete a folder, overheadhunter told me that it’s not possible to identify the deleted folder afterwards. So i have no idea which encrypted folder name i have to restore in my backup solution.

If you accidentally delete a file, you should be able to restore it from your backup. If you work locally in your vault, and it is immediately synchronized to your cloud storage (mirror sync), then the vault is not a backup. A backup contains data regardless of the current state of your local work files (basically). Just to restore a previous state if necessary.
A backup process does NOT delete the files when they are deleted in the data source. The sync process of your cloud provider does exactly this (delete files online if they are deleted local) and is therefore NOT a suitable backup solution.
Cryptomator itself is not a data availability solution, but a privacy protection solution for files stored online.
If you want to prevent data loss (e.g. accidental deletion, or hardware failure, or malicious attack), then you need a backup solution.

Here’s an example setup:

Work Folder: D:\ (encrypted or not but not synced to your cloud storage if not encrypted)
Use a backup solution to backup files frequently to your backup destination X:\ (X is can be a vault). Configure the backup solution to keep file versions (depend on your needs, in my case I keep 5 File versions when modified and one permanently when deleted in the source).
If your Backup Folder X is a vault you want to have stored online too, make sure the vault files are placed somewhere where the are included into the sync operation of your cloud providers client.

Now, lets assume you deleted a files in your working folder D:. Then open your Vault X:\ and restore the File-Version you want to restore.

As you can see: the backup process itself does not rely on cryptomator. If you want to store your backup online and keep data private, you should backup into a cryptomator vault.

Maybe you are interested in reading this: https://www.techsoup.org/support/articles-and-how-tos/your-organizations-backup-strategy

1 Like

Thank you. I know the difference between a backup and file syncing. If i sync it immediately and have versioning i’m sure it’s a backup. The old deleted files are available in my backup (i use crashplan), even if i delete them locally. Everytime i change a folder or file i have another version of it in my backup.

I don’t want to prevent data loss with cryptomator. Therefore i use my backup solution crashplan. Crashplan synchronizes the files / folder on every change and has versioning.

I’d like to use cryptomator in the future. But that’s only possible if i can store my files encrypted in my online backup solution and make sure that i can recover them if necassary. And this only works, when i’m able to identify the correct file / folder even when it’s deleted in the source. I don’t like to have another vault, because then i need doubled hard disk storage.

The solution or possibility you describe presupposes that i can connect my backup like a drive to mount the cryptomator vault. And that is not possible. So i need the ability to identify the correct file / folder to choose which folder / file i’d like to download from the backup to prevent downloading the whole backup on that specific restore timestamp.

I hope you now understand why your offered solution is not working for me.

That’s the hint that clarifies it for me. Crashplan backups your files as a service directly in the cloud.