File remains open after vault lock

I normally close all my encrypted files before locking vault. However on one occasion I did not close a Word document and then proceeded to lock vault. Vault appeared to lock but this particular Word document remained open which surprised me. .Is that expected behavior? I assumed that when trying to lock vault and some files would still be open I would get a warning and an option either to close them or force closure by locking the vault. It seems to me not secure if “encrypted” files remain open and unencrypted while vault is locked.

Just imagine you open a word file that is saved on a network share or a usb drive.
The you loose your network connection. The file stays open, no warning, unless you want to save that file because the path is not available anymore.
It should just be the same when you disconnect your vault with a word document open.
Word keeps the file in his cache. Like (mostly all apps do)

This is the way, programs work.

There is no continuous connection from an application to the file system. Once a document is loaded, the app doesn’t bother what happens with the file system. Only when saving it, the file system is accessed again.

The file access patterns vary greatly between different applications. A movie player, for example, will only read small chunks of a video file. It will therefore access the file system every now and then while playing.

So what you’re experiencing is the expected behaviour.

Thanks for confirming that it works as it was intended. The reason I was questioning this was that until recently I was using Cryptainer LE. When trying to close Cryptainer while a file would be open I would get a message>
Cannot Unload! There might be open files on this volume
Please close all other applications using this volume.If that does not help, please make
sure that this drive is not selected or used in Windows Explorer window or in other disk
utilities which may be using this drive.

Then I get to select one of the two options>
-Do not unload now
-Do a Forced Unload

This I found reassuring because I knew that if I manage to close Cryptainer (unload volume) there will be no file left open in an unencrypted state

Then there was an open file handle. It is the same in Cryptomator, but it really depends on the application that accesses a file.

For example, if you change the working directory of a terminal window to a mounted drive, a graceful shutdown will be canceled. But Word doesn’t seem to keep an open file handle. It just loads a file and that’s it.

In the example of the Cryptainer behaviour it was actually Word file which was open stopping me to close the Cryptainer, the same file I have now under Cryptomator, The difference, if it makes a difference, is that with Cryptainer that file is on the local physical drive but with Cryptomator it is in the cloud.

In the case of Word, I can’t say if it is a handle. But if I try to unmount a PGP Disk (Symanatec Encryption Desktop) while a word document is open, I get a warning that files are open and can cancel or force unmount.

With the Handle tool I can’t find any open handles for it. Word seems to also create a temporary file for the document too.


It seems PGP (Symantec Encryption Desktop as it’s called nowadays) and the OPs experience with Cryptainer matches, they do check something different before unmounting.

Maybe they check for existence of ~ files. Which would be highly windows-specific, but we could try this as an experimental feature.