I don’t understand why should I use cryptomator to encrypt my files in a cloud storage when the vault/masterkey files are unprotected and available for a… say employee to grab them.
Wouldn’t this mean anyone with access to these files could also access all my encrypted personal documents?
but unfortunately a masterkey backup file (bkup) is written in the folder after each unlock. So if I generally want to keep my masterkey outside of the cloud, a masterkey backup is always generated in the folder after every sync or unlock. What is the exact meaning of this bkup file?
I find it practical at Keepass that you can create a key file in addition to the password.
That would be a kind of two factor security. I think that is simply missing in the cryptomator and in my opinion it is elementary.