- New Boxcryptor for macOS App
- Documentation for Boxcryptor 2.x (Legacy)
- How to Create a Debug Log
- I Cannot Connect to the Boxcryptor Servers
- Use self-signed Certificates for Cloud Provider
- I Cannot Move a File to an Encrypted Folder
- Where can I download Boxcryptor Classic?
- What happens if Boxcryptor goes out of business?
- Outdated Clients
- Cannot open some files
- Apple Chip-Support
- What is a FolderKey.bch and a .bclink file
- Recover Account Access if Second Factor (2FA) is Lost
Share Access to Files
One of the main reasons to use cloud storage is how easy it is to share files and that one can simplify remote group work. Boxcryptor allows you to stay secure while collaborating and sharing files with others.
What You Need to Know About Sharing Encrypted Files
For understanding how the sharing of encrypted files works, it is helpful to understand how programs handle unencrypted and encrypted files.
If you store an unencrypted file on your device or in the cloud, the program you store it with saves the file and the information inside. Such a file can be read or modified by anyone who has physical access. If you encrypt a file, however, the information inside the file is modified. For programs and humans the encrypted information is rendered useless. To decrypt the information again, you need a cryptographic key that translates the information back into its original state.
Therefore, sharing an encrypted file with somebody is like writing an email by poking around on your keyboard. The other person can read the information, but it is useless, since it does not have any semantic meaning.
As a consequence, there are two steps necessary to share an encrypted file:
- Share the file physically at your cloud provider. Please check your provider’s documentation on how to share files or folders with others.
- Share the cryptographic key in Boxcryptor. Boxcryptor uses a key for each file. The key is encrypted by your Boxcryptor account and is stored within the file itself. If you share the file with somebody, the key will be encrypted with the Boxcryptor account of the receiver and stored in the file as well.
Note: Every time you share a file, the file is modified. Keep in mind that it must be synchronized by your cloud provider. If you share access to multiple files, make sure that they are all synchronized completely.
Just as the inheritance of encryption properties, permissions are inherited from the parent folder as well. If you add a file to a shared folder, the persons who you shared the folder with can access the file now, too.
Encrypted and permission to access for Alice
Encrypted and permission to access for Bob
Encrypted and permission to access for Alice and Bob
Share Files With Boxcryptor Users: Permissions
If you want to share a file or folder with someone who uses Boxcryptor as well, follow these steps:
- Ctrl-click the file or folder → Manage Permissions.
- Add the group or user you want to share the file or folder with.
- Apply the changes.
- Wait for the data to be synced to your cloud.
- Make sure to also share access to your file or folder on your providers web interface.
If you have filename encryption activated, it is considered best practice to create a parent folder without filename encryption and share this folder physically at your cloud provider.
Sharing Data With Non-Boxcryptor Users: Whisply
Groups are a powerful instrument for managing your users and their access rights. Manage your groups in your account when you sign in on our website here.
Please be aware that the group feature is only availabe with Boxcryptor Business and up.
Irreversible operations, such as rename, delete, or grant and revoke ownership are restricted to the owner of the group. You can set other members as owners and also remove ownership. Groups can have multiple owners.
Benefits of Groups
Besides sharing files with individual accounts, you can also share files with a group of users. If you share a file with a group, the cryptographic key will be encrypted with a group key and stored inside the file.
The benefits of groups are:
- Central management: You do not need to click through all your files to see, revoke, or grant access to somebody.
- No synchronization necessary: When you add or remove someone from a group, the changes are done on your machine and our servers only. Therefore it is much faster. Since the permissions within the files do not change, a consecutive file synchronization is not necessary.