Where does Cryptomator AppImage physically store the saved $hashed master-vault-decryption key?

Hi, where does Cryptomator AppImage physically store the $hashed decryption key, and are there any more possible attacks so far unthought of?

  • This question ofc assumes someone has breached a computer physically (which is regarded as game-over by many). I am wondering where to find the $hash if a user chooses to automatically decrypt vaults due to convenience.
  • Is this protected in any way?

Idea for improvement: People surely do not want to type long decryption passwords forever, so they auto-unlock, but you could pin-protect this with a shorter key - to additionally protect the $hash (and make users type less in return for convenience and security gain).