I’m new to using encrypted cloud storage.I’ve downloaded Cryptomator and created a couple vaults. But in order in encryp my iOS cloud. Do i need to save the vault in the cloud or on my device? After creating the vault, when i open my files app. I see a few documents and one is named “master key” im assuming i dont want that in the cloud though right? But whaat happens if i get a new phone and lose access to the keys on my current phone?
I don’t use the Apple platform but I do keep my vaults in the cloud.
I don’t synchronize my cloud drives down to my computer I access the cloud drive as a folder or drive letter on my computer that points to the cloud.
You don’t encrypt your cloud storage. Cryptomator is designed to have a local vault with encrypted files in it, and this vault is synced with your cloud storage.
the Masterkey file is part of your vault. Please do not touch any file within that folder unless you are very familiar what you are doing. These are your encrypted vault files. And yes, the Masterkey file is supposed to be online as well. No one can do anything with it without your password.
My first tip is to take your time and go through the documentation and the knowledge base. Then most of your questions should be answered, you know exactly how Cryptomator works, and this will save you time finding a perfect setup that fits your needs.
My second tip: backups, backups, backups. Please backup everything you put into your vault to encrypt it. Especially if you are new to encryption and are exploring the possibilities that comes with it. Mistakes can happen to everyone at some time. And I’ve read too many posts where someone damaged his vault by accident and didn’t have a backup. You will most likely not be able to recover anything from a damaged vault or container (no matter which encryption software you are using)
Here is how I am setup.
I have plenty of room on my D: drive so this is where my “Documents” folder reside. The D: drive also hosts my OneDrive folder where the Cryptomator counterpart vault resides. The reason to store data on the D: drive is to minimize the size of the image backup of the C:.
Every nights, I am saving the Documents into Cryptomator which in turn is synched to OneDrive.
The OneDrive data is there as safety net should my PC hard disk dies. Of course, I also back up my data to local USB drive encrypted with BitLocker. Also, it allows me to access my data when I am not at home and not having my PC, e.g. traveling only with my iPad or iPhone. The rule is no change to data when accessed via iPad + Cryptomator from OneDrive.
Previously, I was using the data directly from the vault mounted as network drive; I find that I can create problems when using large Outlook .pst file, e.g. 5GB large. Frequent update of the file to the vault is causing, I beleive, OneDrive to choke. Anyway, I once had to re-create my local files from the OneDrive encrypted files and it took many days to download.
I hope it helps.
I suppose what really matters is what kind of data you’re putting in the vault. If you are putting a PST file that’s 5 GB then yes I agree you want to have a local copy.
I’m mainly encrypting Word Documents that are not very big so keeping them in the cloud makes no difference to me.
The issue with synchronize the data is the ability to sync and how well it works varies from cloud provider to cloud provider .
I have a couple of cloud providers and if I were to put a 5 GB file in the local folder and let the cloud provider software upload it to my cloud drive it would still take forever with a 5 GB file.
For example my backups go to backblaze B2. S3 type storage does not provide client software for accessing the cloud or synchronizing. I use rclone to mount/sync and C to encrypt.