Skip to main content
Code42 Support

Archive Encryption Key Security

Applies to:
  • CrashPlan for Home
  • CrashPlan PRO
  • CrashPlan PROe

Overview

Code42 regards data security as the most important component of our backup services. That's why CrashPlan encrypts your backup files before any data is sent to your backup destinations. 

This article contains an in-depth look at each of CrashPlan's encryption key options, as well as other important aspects of your backup's security.

Note: See the Definitions section below if you are uncertain about the terms used in this article.

Archive Encryption Key Security Options

Your encryption key is secured in one of three ways, which is based on your security settings:

When using any of these options, your files are encrypted with: ​

  • CrashPlan for Home: Blowfish
  • CrashPlan PRO: AES1
  • Code42 CrashPlan: AES1

1 Earlier versions of CrashPlan PRO and Code42 CrashPlan used Blowfish encryption. For a full description of encryption type by version, see Security Encryption and Password Options

See these external resources for more information on Blowfish or AES encryption and the process of salting and hashing passwords.

Considerations

  • You can upgrade your archive encryption key security by navigating to Settings > Security. Each of the encryption key security options offers increasingly greater security; however, with this additional security comes additional responsibility. Review your options carefully before upgrading your security. 
  • You can never downgrade your account security once it is upgraded.
    This prevents someone from recovering your lost or stolen computer and using the CrashPlan app to downgrade your security.
  • Code42 CrashPlan only: Your administrator may choose to lock the security policy so that you cannot upgrade your security settings.
What Happens When You Have Multiple Computers On Your Account

Your archive encryption key security policy applies to all of the computers on your CrashPlan account. 

Upgraded security policies are implemented as follows:

  • Archive Key Password: All of the computers on your account must use the same archive key password. You cannot have separate archive key passwords for separate computers on a single account.
  • Custom Key: All of the computers on your account must use a custom key. However, you may use a different custom key for each computer on the account.

Encryption Key Options At-A-Glance

The following table provides a comparison of the available archive encryption options. See the Definitions section below if you are uncertain about the terms used in the table.

Security Standard (Default) Archive Key Password Custom Key
Data encryption Yes Yes Yes
Level of data privacy Strong Stronger Strongest
Risk of being unable to restore files Low

With archive question enabled: Medium

High:
  • Key is nearly impossible to commit to memory
  • Custom key cannot be recovered by Customer Champions or administrators

Without archive question enabled: High

Requires restarting backup after upgrading? No No Yes
Secured key stored on a master server? Yes Yes No
Information needed to restore from CrashPlan web app Account password  Account password and archive key password Account password and custom encryption key
Information needed for mobile restore Account password  Account password and archive key password  Account password and custom key 
Encryption key and credentials used by every computer on account? Yes
Single account password and encryption key
Yes
Single account password, encryption key, and archive key password
No
Single account password, but individual computers can have a unique custom key
Information required for new CrashPlan installations Account password Account password Account password and custom key
Administrators have access to backup archive?
(CrashPlan PRO and Code42 CrashPlan only)
Yes No No

Password And Custom Key Recovery

You can reset your account password at any time. However, recovering an archive key password or custom key is difficult, if not impossible. 

Archive Key Password

Optionally, you can set an archive question for your archive key password.

Custom Key
  • There is no way to reset your custom key if it is lost or forgotten. You will be unable to restore files and you must start over with a new account.
Customer Champions Cannot Recover Your Password Or Custom Key 
Our Customer Champions have no way to help you recover an archive key password, an archive question, or a custom key.

Securing Your Encryption Key With Standard Key Security

Your account password is CrashPlan's Standard method (default) for securing your encryption key. It is the simplest method to use, and it offers a good balance between security and ease of use. Using this method, you can access and restore files from the CrashPlan app, the CrashPlan mobile app, and the CrashPlan web app by supplying your account password. 

Tech No​tes

Consideration Details
Configuration
  • Standard archive encryption is the default encryption key security option
Key creation
  • The encryption key is generated by the CrashPlan app when you create your account
Management requirements
  • Only one password to remember
  • Lowest risk of losing ability to restore files
  • (CrashPlan for Home only) Account password can be reset from our website
Key security & storage
  • Encryption key is escrowed the master server for web restores and for installations on new devices
Key storage for mobile devices
CrashPlan mobile app only
  • Encryption key is not stored on the device
  • Secured key is sent from the master server during the sign-in process
  • Secured key is stored in the device's memory only while the CrashPlan mobile app is in the foreground and user is signed in
Web restore key access
  • Encryption key is escrowed on the master server for decryption
Administrator access
CrashPlan PRO and Code42 CrashPlan only
  • Administrators can access files backed up to cloud destinations without knowing the user account password

Securing Your Encryption Key With An Archive Key Password

When you upgrade your encryption key security to the archive key password option, you change how the encryption key is secured, but the encryption key itself doesn't change. Instead of securing the encryption key with your account password, you are choosing to secure the key with an additional password, called an archive key password.

Archive Key Password Considerations
  • An archive key password applies to all computers included on an account. You cannot have separate archive key passwords for separate computers on a single account. This is true for CrashPlan for Home family plan subscriptions, as well as CrashPlan PRO and Code42 CrashPlan user accounts.
  • (CrashPlan PRO and Code42 CrashPlan only) If archive key encryption is enabled from the administration console, the default password is set to the user's account password until it is changed from the CrashPlan app.
  • If you lose or forget your archive key password:
    • With an archive question enabled (versions 3.6.1 and later only): You can reset your archive key password by answering your archive question. If you are unable to provide the correct answer, you will be unable to restore your files and you must start over with a new account.
    • Without an archive question enabled: There is no way to reset your archive key password if it is lost or forgotten. You will be unable to restore files and you must start over with a new account.
    • Code42's Customer Champions cannot assist with recovery of an archive key password or your archive question.

When upgrading security to use an archive key password, read the confirmation alert carefully:

confirm_archive_key_password.png

Tech Notes

Consideration Details
Configuration
  • Archive key password is an increased encryption key security option
Key creation
  • Encryption key is generated by the CrashPlan app when you create your account
  • Your encryption key remains the same when you upgrade security to archive key password
Management requirements
  • Two passwords to remember
  • Increased risk of not being able to restore files if archive key password is forgotten
  • You can change your archive key password at any time without affecting backup data
  • Optional You can provide an archive question that, if answered correctly, can be used to reset your archive key password in the event that it is lost of forgotten
Key security & storage
  • The key is encrypted with your archive key password and stored on the master server for authentication during web restores and installations on new devices
Key storage for mobile devices
CrashPlan mobile app only
  • Encryption key is not stored on the device
  • Secured key is sent from the master server during the sign-in process and stored in the device's memory while the CrashPlan mobile app is in the foreground and you remain signed in
  • You must enter your archive key password to restore
  • If you enable Remember my private password, then the archive key password is stored in the device's memory as long as you remain signed in; the key and password are both removed when you sign out
Web restore key access
  • Encryption key is secured with your archive key password on the master server for web restore
  • The archive key password is hashed and escrowed on the master server for decryption
  • You must supply your archive key password in order to restore files
Administrator access
CrashPlan PRO and Code42 CrashPlan only
  • Admins cannot access files backed up to your destinations without knowing the archive key password​
  • Admins cannot access your archive key password

Archive Question

An archive question is an optional feature of the archive key password security option. An archive question can be used to reset the archive key password in the event that the existing archive key password is lost or forgotten.

Setting The Archive Question 
You must know your existing archive key password in order to set the archive question. The question cannot be set if the archive key password has already been lost of forgotten. 
Code42 ​Customer Champions​​ cannot set an archive question for you, or recover the answer to an archive question in the event that it is lost or forgotten.
How It Works
  • The question is stored on the master server as plain text so that it can be displayed to you if it is needed.
  • A salted and hashed version of the answer is stored on the master server.

In the event that your archive key password is lost or forgotten, and you have this feature enabled, you can answer your archive question.

  1. CrashPlan presents you with the archive question.
  2. CrashPlan salts and hashes the answer you provide and compares it against the salted and hashed version stored on the master server.
  3. If the salted and hashed version of the stored answer matches the salted and hashed version of the supplied answer, you can enter a new archive key password.
  4. The secure key stored on the master server is updated with the new archive key password.

Securing Your Archive With A Custom Key

If you choose the custom key security model, the encryption key generated by CrashPlan is replaced with a custom key. This is the most secure option, but it requires the most management because you must provide the full custom key when performing:

  • Web restores
  • Mobile restores
  • Administrator restores
  • Installation of CrashPlan on new devices

With this option, you create your own data key that resides on your computer. The data key is never transmitted to any other locations, including the master server. Make sure to store a copy of the custom key someplace where it is accessible if you need to restore, even if the source computer has failed. 

Read our tutorial on upgrading security to custom key for more information on creating, exporting, and importing your custom key. 

Custom Key Considerations 
  • When you upgrade to a custom key, all previously backed up files associated with the old encryption key are deleted and no longer available for restore.
  • Always store your encryption key in a plain text (.txt) file and work with a plain text editor such as vi, vim, emacs, nano, pico, Notepad or TextMate. Word processors such as Word, Wordpad, Pages, or OpenOffice Writer introduce additional formatting characters and should be avoided when working with encryption keys.
  • There is no way to reset your custom key if it is lost or forgotten. You will be unable to restore files and you must start over with a new account. Please contact our Customer Champion team for assistance. 

When upgrading security to use a custom key, read the confirmation alert carefully:

custom_key_warning_cropped.png

Tech Notes

Consideration Details
Configuration
  • Custom key is the highest upgraded encryption key security option
Key creation
  • The original encryption key generated by the CrashPlan app is removed from the master server; you can assign a custom key using the generate, passphrase, or import options in the CrashPlan app
  • You can choose to assign a different custom key to each computer on your account
Management requirements
  • Nearly impossible to remember, with increased risk of not being able to restore files if the custom key is lost
  • You must start a completely new backup after upgrading to this security option; files backed up prior to upgrading are deleted from backup archives
  • Web restore, new installations, and remote restore require that you provide the custom key
Key security & storage
  • Encryption key exists only on source computer
  • Your custom key is never cached at any remote location
Key storage for mobile devices
CrashPlan mobile app only
  • Custom key is only stored on your device if you enable Remember my custom key
  • Custom key is removed when you sign out of the app
Web restore key access
  • You must supply your custom key in order to restore files
  • The custom key is held in memory for the purpose of restoring files; it is never written to disk
  • The custom key is flushed from memory once files are restored
Administrator access
CrashPlan PRO and Code42 CrashPlan only
  • Admins cannot access files backed up to your destinations without knowing the custom key
  • Admins cannot access your custom key

Transmission Security

Once your files are encrypted and secured with the encryption key method of your choice, your backup transmission is sent to your destinations using a TLS-based communications encryption protocol and 128-bit AES cipher. 

Definitions

The terms below are used throughout this article.

account password

Password you supplied when you registered your CrashPlan user account.

archive question

An archive question is an optional feature of the archive key password security option. If your account has an archive question and answer configured, you are able to reset the archive key password if it is lost or forgotten. When you enable the archive question, the security of your archive key depends on both how hard it is to guess your answer and the strength of your archive key password. You can enable the archive question feature at any time, provided you know your current archive key password.

archive key password

Password supplied when you the enable archive key password option for archive encryption. If you have enabled this option, you must supply the archive key password to restore files. See also account password, secured key.

custom key

Encryption key that is user-created (using the Passphrase or Generate options) and is used instead of the encryption key generated by the CrashPlan app. This encryption security option offers the greatest security because the custom key never leaves the source computer.  It also greatly increases user responsibility; there is no way to recover a backup if the custom key is lost or forgotten. CrashPlan Customer Champions have no way to assist with custom key recovery.

encryption key

A piece of information that a cryptographic algorithm uses to encrypt data. 

master server
The master server is the "authority" server in any Code42 environment. Key functions of the master server include (but are not limited to) authentication, the management of all licensing, and the storage of encryption keys. If you use CrashPlan for Home or CrashPlan PRO, then the master server is owned and managed by Code42. If you use Code42 CrashPlan, then ownership and management of the master server depends on your environment’s deployment architecture.
secured key

A version of a user's archive encryption key that is encrypted with the user's account password (default security) or archive key password (enhanced security).

External Resources

  • Blowfish is a freely available, documented, and open method of encrypting data (an algorithm). Being open is very important - this means that Blowfish encryption uses public processes that can be scrutinized and tested by everyone and as a result, is proven to be secure. More information on Blowfish encryption is available on creator Bruce Schneier's website.
  • AES is the National Institute of Standards and Technology (NIST) specification for encryption, which is used by the US government to secure top secret information and is a standard for businesses worldwide. For more information on AES encryption, see this article by TechTarget.
  • CrashPlan for Home without a subscription uses a 128-bit encryption key and CrashPlan for Home with a subscription uses a 448-bit encryption key. 128-bit encryption is the same encryption that online banking and most businesses use. There's a discussion of CrashPlan's Blowfish encryption in the Listener Feedback section of the Security Now podcast, Episode 230.
  • Salting and hashing is a security measure used for passwords. Learn more about salting and hashing from BlackWasp
  • Was this article helpful?