Hi
I need to store higly sensitive data locally (crypto recovery phrase) and i wonder if cryptomator is safe enough to do so (yeah, yeah strong password set).
Is there any recommendations for me to further protect this file?
Hi,
What about double encryption?
Before you put the file in Vault use a 7-Zip compatible program like seven zip or pieazip to encrypt the file with a strong password and 256-bit encryption.
The person who wants to access the file will need to know the password for the vault and also the password to the 7zip file.
Another option is to use pgp encryption which will require the person who wants to open the file have a copy a physical copy of the PGP certificate.
Yes, Cryptomator can be considered secure enough for storing highly sensitive data such as a cryptocurrency recovery phrase, provided that you follow strict operational security practices. Cryptomator uses strong AES encryption (AES-256 in GCM mode). You can read about it in the docs here.
Adding another layer of encryption provided by 7zip does not provides us much security. Yeah, it’s another password, but if somebody already broke your strong password another one will not stop him for long. GPG/PGP uses (by default) AES too, so i recommend age encryption tool which uses different algorithm if you are going to go so far as double layer encryption.
AES256 seems to be resistant to quantum computers too - i am not expert, but as i understand cryptography experts in worst case scenario AES256 strength can be lowered to one presented by AES128 thanks to Grover’s algorithm, so attacker still needs to break your password.
So your password must be strong. To create strong password just use random words separated by numbers or special characters. 12 such words can provide you pretty strong password, even when They’re quite short. Just avoid using quotes from book - nowadays dictionary attacks contains quotes from books.
Stay safe!
1 Like
Good stuff. Cryptometer may be excellent as a standalone so long as the person chooses a good strong password which they may not do. This is why PGP is a good second factor for Authentication.
For example I use keepass for my password management and I have created a key file that’s generated with unbreakable encryption as a second Factor in combination with my password no one can break into my database because even if they guessed my password they don’t have a copy of my key file. Without having a copy of the public key there’s no way anyone is going to open that file.
My point about pgp is that the person trying to crack the Vault and the files would need a physical copy of the private certificate that was generated by pgp they can’t guess that certificate it’s impossible.
PGP with it’s public and private certificate is a good way to go.
Consider it two Factor Authentication with a key file that can’t be guessed.
I understand exactly what you mean, and I, too, greatly appreciate free cryptographic tools like GPG. Believe me—I truly do. However, it’s yet another cog in a complex machine, one more point of failure that could potentially cause issues down the line.
To elaborate, using such tools means the user not only has to manage their secret password, but also a public/private key pair. This introduces additional layers of complexity, especially considering the possibility that these keys might become obsolete or insecure in the future—particularly once quantum computers reach practical viability.
To be clear, I’m not concerned that someone will brute-force a strong password. Rather, what worries me is the human element: when the user actually needs to perform account recovery, there’s a real chance they’ll have forgotten their passphrase—or worse, they might lose access to it entirely due to something like a failed drive.
In short, it’s not always the strength of the cryptography that’s the weakest link, but the reliability of the user’s memory and backup practices.
I simply don’t want a community member to accidentally lock themselves out of their own backup plan by overengineering it. After all, it’s a backup -something we often set aside and don’t maintain as diligently as our primary systems. Overcomplicating it introduces unnecessary risk, especially when its very purpose is to serve as a safety net in times of failure.
2 Likes
Ok, I understand. I only made the suggestion because you were looking for ways to secure extremely sensitive information.
In the absence of pgp I would recommend a strong password and stronger than people can remember so the people that are using the database will need a password manager to put in the password that’s the best way to keep it safe.