- Off-Migration Guide: Decrypt all Boxcryptor encrypted files
- What happens if Boxcryptor goes out of business?
- How to Create a Debug Log
- I Cannot Move a File to an Encrypted Folder
- This Application Requires a Java Runtime Environment
- USB Flash Drive Support
- Where can I download Boxcryptor Classic?
- Outdated Clients
- Cannot open some files
- Known Limitations
- What is a FolderKey.bch and a .bclink file
- Recover Account Access if Second Factor (2FA) is Lost
Manage Your Account
You can manage your Boxcryptor account by signing in on our website. If you want to change your personal information, such as your first name, last name, email address, or your password, go to the My Account page.
Restoring Your Password
Since we offer a zero knowledge service, we CANNOT reset or tell you your password, in case you forgot your password. However, we can offer you to completely reset your account.
If you reset your account, new encryption keys will be generated for your account. This means you will irrevocably lose access to all your already encrypted files and you will be removed from all groups.
You can reset your account here.
Manage Your Devices and Sessions
Boxcryptor keeps track of all devices and web session connected to your account. A device is created every time you sign in to the Boxcryptor application. A web session is created every time you sign in on our website.
On the devices overview page you can view and unlink your connected devices and web sessions. This is useful, for example, when your device has been lost or stolen and you want to revoke access to your data. Boxcryptor will automatically reset to factory settings on an internet-connected device which has been unlinked.
Note: In the free version, you can only use two devices with your account. If you, for example, get a new mobile phone and want to use Boxcryptor with it, you need to sign out on your old mobile phone, unlink it on the devices overview page or upgrade your account here.
Export Your Keys
It is possible to export your keys, which are stored on our servers, into a local key file. This key file can be used in combination with a local account, which does not require any connection to our servers. Even if our service would be interrupted for a long time or completely shut down, you would always be able to use Boxcryptor to access your files which have been encrypted.
You can export your keys when you sign in to your account on our website:
- Navigate to My Account.
- Scroll down to the Advanced section and click on Export keys.
- You can use your keys as a local account with Boxcryptor.
Exporting your keys is not necessary for using Boxcryptor offline. If you have already been signed into your Boxcryptor account, you can use Boxcryptor offline without any problems. Your keys are already synced to your device.
The local account's purpose is to serve as a backup way to your files even if the Boxcryptor servers are not reachable. It achieves this by managing your keys locally in your own key file.
A local account comes with major restrictions:
- It is not possible to grant others access to files.
- It is more difficult to switch devices.
- Managing groups is not possible.
- Managing devices is not possible.
- Most features of the Company Package are not available.
We do not recommend the use of a local account on a daily basis. The main purpose is to have a backup of your keys.
How to export a Key File
How to Open an Existing Key File
- Click on the sign in screen.
- Choose Setup account.
- Click on Open key file.
- Select your existing key file.
- Enter your password to sign in to Boxcryptor.
Where Can I Delete my Account
If you do not want to use Boxcryptor anymore, you can delete your account. All your information, including your keys, will be deleted permanently from our servers. Make sure that all your files are decrypted before you proceed. After the account is deleted, it is not possible to restore any data.
We recommend performing a key export before. This allows overlooked encrypted files to be decrypted at any time, even after account deletion.
You can delete your account when you sign in here.
Invite your friends to Boxcryptor and do yourself and your friends a favor. For each successful referral you and your friend will get one month of Boxcryptor Unlimited for free. Both, free and Boxcryptor Unlimited users, can take part in the referral program. Free users get their free months immediately and paid users receive extra months which will be added at the end of their running subscription (renewal and payment will be due one month later). You can find your personal referal link when you sign in to boxcryptor.com.
In order to qualify for a successful referral, your friend has to verify his or her account, and sign in once. The sign in must occur in one of our installable desktop apps on a separate device.
Once a friend has joined Boxcryptor via your referral link, it will show up in your overview in the web interface. A referral can have the following statuses:
- Waiting for verification: Your friend did not yet verify the account. To do so, the referred person must click on the verification link sent to his or her email address.
- Waiting for sign in: Your friend did not yet sign into the account in one of our desktop apps on a separate device. Signing in on a device which has already been used for another referral will not work.
- Waiting for account change: You cannot claim the bonus because you are a company user. Only regular Free or Unlimited users can claim referral bonuses.
- Earned: Your friend completed all steps required so that you can claim your bonus. Click the link in order to claim it.
- Claimed: You have claimed and received the bonus for the referral.
Two-Factor Authentication (2FA) will require you to proof your identity with a second factor during the sign in. This second factor is generally something that the user posesses, such as a physical, second device. The advantage of this procedure is that when an attacker gets hold of (or guesses) your password, he still needs access to your physical device - so you're still safe. Boxcryptor is offering 2FA using authenticator apps or security keys.
Authenticator apps use the Time-based One-Time Password algorithm (TOTP) to generate secure 6-digit code on your mobile device which have to be entered during authentication. To use it, you need to install an Authenticator App of your choice on your mobile device. Next, you need to configure both your Boxcryptor account and your authenticator app using the following steps:
- Sign in to boxcryptor.com.
- Navigate to Security.
- Click on Two-factor Authentication -> Authenticator App.
- Scan the QR code with your Authenticator App. Copy the Secret Key and store it in a secure place.
- To complete the setup, enter the 6-digit code from your authenticator app.
From now on, you will need to provide both your credentials and a 6-digit code from your authenticator app to sign in. Since the code is time-based, it will change all 30 seconds.
Read more about authenticator apps in our blog.
Important: In case of losing your second device, you can use the secret key to configure a new authenticator app on another device. Afterwards, you can use this device to sign in to your account again. In this case, we recommend changing the authenticator app as a next step, to ensure that the lost device can no longer be used for sign ins. Please store your secret key wisely. It looks similar to this:
It's possible that backups of the mobile device and the subsequent recovery will cause settings (pages) in the authenticator app to be lost. We therefore recommend to make a separate backup of the settings beforehand (for example, by backing up the secret keys or using in-app backups). Alternatively, you can setup a security key as a second factor backup.
Security keys use the WebAuthN protocol to prove your identity by a simple tap on the device. To use this feature, you need a security key. Next, you need to configure your Boxcryptor account using the following steps:
- Sign in to boxcryptor.com.
- Navigate to Security.
- Click on Two-factor Authentication -> Security Keys.
- Select Add Security Key and follow the instructions on the screen.
From now on, you will need to provide both your credentials and a verification with your security key to sign in.
Read more about security tokens on our blog
To prevent a lockout we recommend registering two security keys. Use one regularly, keep the other one as backup in case that you loose the first one. Alternatively, you can set up TOTP as a second factor backup.
Limitations: Security keys are currently not supported on Boxcryptor for iOS, Boxcryptor for Android and Boxcryptor Portable. In these cases, you won't be able to sign in if 2FA is enabled. If accessing your account over boxcryptor.com, you need to use a modern browser.
Backup codes are one-time codes that can be used as an alternative to the second factor, if e.g. the security key has been lost or the mobile phone with the authenticator app is not available. To add backup codes to your account, you need to configure your Boxcryptor account using the following steps:
- Sign in to boxcryptor.com.
- Navigate to Security.
- Click on Two-factor Authentication -> Backup Codes. (This option only is visible when at least one second factor was added to the account.)
- Now the newly generated backup codes are displayed at the screen.
We recommend downloading the backup codes and keeping them safe. In order to benefit from the backup codes, you need to have the codes available when you are logged out.
2FA and the Protection feature
2FA is only enforced when signing in to your Boxcryptor account. Once you are signed in, the second factor is not required anymore - even if you enabled the Protection feature. The Protection feature helps you to prevent unauthorized access to Boxcryptor when you're already signed in and you won't be asked for your second factor. To make Boxcryptor ask you for your second factor, you first need to sign out completely.
Limitations: Boxcryptor for Chrome (beta) do not support 2FA. That means, you will be not able to sign in, as long 2FA is enabled. However, the following workaround exists:
- Go to boxcryptor.com and disable 2FA.
- Sign-in in the Boxcryptor client.
- Enable 2FA again.