The personal encryption key option is one of the available methods we can use to encrypt your data in ElephantDrive. To protect your data privacy, all files you upload to ElephantDrive are encrypted before leaving your device. You can choose whether to encrypt your data with the generic, service-provided ElephantDrive key or a personal key.
The Personal Key is derived from the password associated with your login credentials. Since ElephantDrive does not store any password information in plain text (we store a hashed value that is compared to the hashed value of the input in the password field at login time which allows for secure authentication without actual knowledge of the original password), the key is utilized and available only to the authenticated user. Objects uploaded with personal key encryption can only be accessed/restored by the user with that key.
IMPORTANT:
Your ElephantDrive password (associated with your login credentials) is used as a personal key to encrypt all of your data. If you forget your password, then you won't be able to decrypt your data. If you change the email address associated with your account, then you won't be able to decrypt your data stored in ElephantDrive. Your password is used to derive your personal key.
Personal keys offer such high protection that we won't be able to help you access or recover your data if you needed to reset your password. In order for us to reset your password, we'll need to first purge your account of all data encrypted using your personal key.
If you choose to use personal key encryption, then please ensure that you are using a password you will remember, or take the necessary steps to store your password in a safe place where you can retrieve it.
Limitation: File sharing feature is not available if you have customized your encryption settings to encrypt your data with personal encryption keys.
Questions? Click here to submit a new support ticket.
Comments
1 comment
Another answer to this question...
The "Personal Key" is derived from your password. While this may
sound confusing, ElephantDrive does not know your password. We know a
"hash value" of your password, which is the result of a one-way
mathematical operation. This means that when you provide your password
via one of our login interfaces, the one-way operation is performed
producing a value that we compare to our authentication system. If it
matches, you're in! If not, you are denied access.
The beauty of this system is that we don't need to know you actual
password to authenticate you - better yet, it is impossible to use the
hash value to work back to the original value. In this way, we can
securely verify who you are without knowing your actual password
choice.
An added benefit is that we can use the un-hashed password to generate a secure key for you.
Article is closed for comments.