We have a newer web site! Visit axcrypt.net instead!

Usage Tips


Target use

AxCrypt is used to share and work with stored documents, and e-mail attachments, in a secure manner.

If your documents reside on a document sharing service, intranet or file server AxCrypt is especially well suited and will usually seamlessly integrate, and make sharing and storing sensitive data as easy as not protecting it.

To send secure e-mail, agree on a pass phrase and ensure that all parties have AxCrypt, then send your encrypted files as regular attachments. With the pass phrase cache and the double-click edit feature even many turns over e-mail is as easy as without encryption.

AxCrypt will, within the limits of your pass phrase, keep remotely stored documents secure. For documents on your local hard-disk there are many caveats not due to the security of the encryption as such. Please see the section on local PC security below.

It's also suitable for use by other programmers and system administrators, as it provides a command-line interface easy to use from any other programming language on the Windows platform that can execute another program, including .bat files.


Personal Privacy...

AxCrypt is great for protecting your documents such as private letters, correspondence, job information, medical information, financial details stored on a local hard disk or network server.

Just right-click any document file and encrypt it with AxCrypt. Viewing and opening for update is just as convenient as before encryption due to AxCrypt's automatic decryption/open/re-encryption function.

If you use a Key-File on a diskette or USB thumb drive, your files will be encrypted to the highest level of protection as long the Key-File is kept secret.


...but the file name reveals information too!

In many cases, just the file name is enough to violate privacy. You can then use the AxCrypt -> Rename option from the the right-click menu. The file will be given a completely anonymous name, but the original name is restored when you decrypt or open the file.


Making archives of encrypted files

AxCrypt does not support storing many files in an archive, like WinZip. This is for a reason - because WinZip (and Windows XP or later Compressed Folders) already does it so well!

So, simply create your .zip-file, encrypt whatever you want to be there in it with AxCrypt, and then move it to the .zip-file. The archive can now be opened in WinZip or in a Compressed Folder view, and you can work with the archive as usual, including opening, editing, adding and deleting individual files. When you open an embeded encrypted AxCrypt-encrypted file it will in turn be decrypted.


Backups

Do you do your backups to CD's or DVD's, or just to files on another hard-disk using backup programs or perhaps WinZip? If you encrypt the backup-archive with AxCrypt, you can then store the CD, DVD or file in any place, without fear of your privacy being violated should it get lost.

Store a copy of AxDecrypt with your backup, and you are independent of an AxCrypt installation when you need to recover.


PIN's and passwords

Do you have many PIN's for your credit and ATM cards to remember? Dozens of web-sites with different passwords?

There are many special purpose password managers out there, some really good, but why bother? Use a regular text file with notepad, or download this Excel-template. (Right-click the link and choose "Save Target As...") Encrypt the file with AxCrypt.

You can then store your passwords conveniently and safely.

(Only use the Excel-template, if you have Windows 2000 or later and follow the advice on using EFS on your temporary directory due to Excel's use of temporary files).

If you also follow the advice above on renaming the file, no hint about the actual contents remain visible in your computer.

Further notes: Notepad does not create any temporary files and AxCrypt will properly wipe its traces, so this is every bit as secure as most password managers. Some managers will attempt to lock memory, or encrypt the data in memory, to keep it out of the paging file, which is even better of course. If this is a concern or not depends on your level of paranoia.


Confidential data in public repositories

There are many web-services that allow you to upload documents, such as project services and similar. If you feel uncomfortable uploading sensitive information there, regardless of the providers assurances, encrypt the documents. If the documents are encrypted with AxCrypt, you will be assured of preserved confidentiality from your PC to the web-service, and back again.


Networks

When you store a document on a Local Area Network-server, the data is usually stored in clear-text there, even when access controls are in place, accessible to all system-administrators as well as others who by chance or mistake happen to get read-access.

The data also travels the network in the clear, easily sniffable by anyone on the same network segment. Backups are also seldom encrypted, so anyone gaining access to a backup-tape has potential access, regardless of the access controls enforced on the server.

All of these cases are handled when the data is encrypted with AxCrypt - it's never seen on the network, the server or backups in the clear.


Program (.exe) protection

Do you have a program you'd like to restrict access to? Simply encrypt the .exe-file with AxCrypt! (This will not work if the program depends on other files being located in the same or sub-directories as the program, since it gets decrypted in a temporary location).


Pre-distribution

Some information should be confidential up to a certain time, and then it's not. It might be a movie trailer, a quarterly financial report or something similar. Information that must be prepared ahead of time, and is beneficial to have the distribution done beforehand - even though it must not be disclosed until a certain time.

Use AxCrypt to encrypt the document, for example the PDF of the financial report. You can then distribute it by any means, hours and days ahead of time, the information is out there but unreadable. When it's time to disclose, simply publish the key used. This reduces peak server loads and eases distribution.


Confidential e-mail

A quick and easy method to communicate between two parties. Agree ahead of time, perhaps on the phone or through Instant Messaging, on a passphrase. Then write the initial message using Notepad, Word Pad or Microsoft Word. Encrypt the result. Send it to the other party.

The other party will now be able to open and edit the message directly, respond etc, and then reply and attach the automatically re-encrypted file in a quick and convenient manner.

This is not quite as easy as regular mail - but not far from it - and most approaches instead require encrypting and decrypting using the clipboard with cut and paste.


Hide .AXX Extension

You might be more comfortable hiding the .AXX extension. You can do this by enabling an option in the registry. Download this file to do it.