What is a Personal Key in the encryption settings?

The personal encryption key option is one of the available methods with which we encrypt your file. To protect your data privacy, all files you upload to ElephantDrive are encrypted first before leaving your system. You can choose whether to encrypt your data with the generic ElephantDrive key or your personal key.

The Personal Key is derived from your user password. Since ElephantDrive does not store any of our users' password information in plain text (we store a hashed value that is compared to the hashed value of the input in the password field at login time, which allows for secure authentication without actual knowledge of the original passphrase), the resulting key is known only to the user. Objects uploaded with the Personal Key can only be opened/restored by the user with that key.

 

IMPORTANT: When you first set up your account with ElephantDrive, you are given the choice between using ElephantDrive Keys or Personal Keys.  If you click on the Personal Keys option, you will see the following message:

You can use your ElephantDrive password as a personal key to encrpyt all of your data.  If you forget your password, you cannot decrpyt your data stored on ElephantDrive. 

When you further select the Personal Keys option, the following "final warning" pops up:

Your password is used to derive the personal key.  If you forget your password, you will lose all your data.

Personal keys offer such high protection that if you forget your password, ElephantDrive can manually change your password for you and give you access to your account, but even in this case you will no longer have access to any of your files that were previously backed up under the Personal Keys settings and you will need to start your backup from scratch.

If you choose to backup and store your files using the Personal Keys settings, please ensure that you are using a password that you wil remember, or take the necessary steps to store the password in a safe place where you can retreive it if necessary.

 

Currently in development is a third option is a where a user can provide a binary key of their own independent creation.

 

Limitation: File sharing feature is not available if you have customized your encryption settings to encrypt your data with personal encryption keys

Have more questions? Submit a request

Comments

  • Avatar
    Augustin

    Another answer to this question...

    The "Personal Key" is derived from your password. While this may
    sound confusing, ElephantDrive does not know your password. We know a
    "hash value" of your password, which is the result of a one-way
    mathematical operation. This means that when you provide your password
    via one of our login interfaces, the one-way operation is performed
    producing a value that we compare to our authentication system. If it
    matches, you're in! If not, you are denied access.

    The beauty of this system is that we don't need to know you actual
    password to authenticate you - better yet, it is impossible to use the
    hash value to work back to the original value. In this way, we can
    securely verify who you are without knowing your actual password
    choice.

    An added benefit is that we can use the un-hashed password to generate a secure key for you.

Powered by Zendesk