- Off-Migration Guide: Decrypt all Boxcryptor encrypted files
- What happens if Boxcryptor goes out of business?
- Boxcryptor does not show up in Files app
- Use self-signed Certificates for Cloud Provider
- I Cannot Move a File to an Encrypted Folder
- Where can I download Boxcryptor Classic?
- Outdated Clients
- Cannot open some files
- What is a FolderKey.bch and a .bclink file
- Recover Account Access if Second Factor (2FA) is Lost
- Why Is Boxcryptor “Files App First”?
- I Don’t Trust Apple, iOS or the Files App
- I Don’t Trust Other Apps
Share Access to Files
One of the main reasons to use cloud storage is how easy it is to share files and that one can simplify remote group work. Boxcryptor allows you to stay secure while collaborating and sharing files with others.
What You Need to Know About Sharing Encrypted Files
For understanding how the sharing of encrypted files works, it is helpful to understand how programs handle unencrypted and encrypted files.
If you store an unencrypted file on your device or in the cloud, the program you store it with saves the file and the information inside. Such a file can be read or modified by anyone who has physical access. If you encrypt a file, however, the information inside the file is modified. For programs and humans the encrypted information is rendered useless. To decrypt the information again, you need a cryptographic key that translates the information back into its original state.
Therefore, sharing an encrypted file with somebody is like writing an email by poking around on your keyboard. The other person can read the information, but it is useless, since it does not have any semantic meaning.
As a consequence, there are two steps necessary to share an encrypted file:
- Share the file physically at your cloud provider. Please check your provider’s documentation on how to share files or folders with others.
- Share the cryptographic key in Boxcryptor. Boxcryptor uses a key for each file. The key is encrypted by your Boxcryptor account and is stored within the file itself. If you share the file with somebody, the key will be encrypted with the Boxcryptor account of the receiver and stored in the file as well.
Note: Every time you share a file, the file is modified. Keep in mind that it must be synchronized by your cloud provider. If you share access to multiple files, make sure that they are all synchronized completely.
Just as the inheritance of encryption properties, permissions are inherited from the parent folder as well. If you add a file to a shared folder, the persons who you shared the folder with can access the file now, too.
Encrypted and permission to access for Alice
Encrypted and permission to access for Bob
Encrypted and permission to access for Alice and Bob
Share Files With Boxcryptor Users: Permissions
Managing permissions is not possible with Boxcryptor for iOS. Please use Boxcryptor for macOS or Boxcryptor for Windows to manage permissions.
Sharing Data With Non-Boxcryptor Users: Whisply
If you want to share a file with someone who is neither using Boxcryptor nor the cloud, you can use Whisply. Whisply is a browser based secure file transfer service that we developed for this purpose. Whisply is not integrated into Boxcryptor for iOS. You can use the browser version of Whisply to share files or folders with non-Boxcryptor users.
Groups are a powerful instrument for managing your users and their access rights. Manage your groups in your account when you sign in on our website here.
Please be aware that the group feature is only availabe with Boxcryptor Business and up.
Irreversible operations, such as rename, delete, or grant and revoke ownership are restricted to the owner of the group. You can set other members as owners and also remove ownership. Groups can have multiple owners.
Benefits of Groups
Besides sharing files with individual accounts, you can also share files with a group of users. If you share a file with a group, the cryptographic key will be encrypted with a group key and stored inside the file.
The benefits of groups are:
- Central management: You do not need to click through all your files to see, revoke, or grant access to somebody.
- No synchronization necessary: When you add or remove someone from a group, the changes are done on your machine and our servers only. Therefore it is much faster. Since the permissions within the files do not change, a consecutive file synchronization is not necessary.