Code42 regards data security as the most important component of our backup services. That's why CrashPlan encrypts your backup files before any data is sent to your backup destinations.
This article contains an in-depth look at each of CrashPlan's encryption key options, as well as other important aspects of your backup's security.
Note: See the Definitions section below if you are uncertain about the terms used in this article.
Archive encryption key security options
Your encryption key is secured in one of three ways, which is based on your security settings:
- Standard: Secured with a salted and hashed version of your account password
- Archive key password: Secured with a salted and hashed version of your archive key password
- Custom key: Encryption key is replaced by a custom key that is never escrowed on a authority server
When using any of these options, your files are encrypted with AES. Earlier versions used Blowfish encryption. For a full description of encryption type by version, see Security Encryption and Password Options.
See these external resources for more information on Blowfish or AES encryption and the process of salting and hashing passwords.
- You can upgrade your archive encryption key security by navigating to Settings > Security. Each of the encryption key security options offers increasingly greater security; however, with this additional security comes additional responsibility. Review your options carefully before upgrading your security.
- You can never downgrade your account security once it is upgraded.
This prevents someone from recovering your lost or stolen computer and using the CrashPlan app to downgrade your security.
- Your administrator may choose to lock the security policy so that you cannot upgrade your security settings.
Your archive encryption key security policy applies to all of the computers on your CrashPlan account.
Upgraded security policies are implemented as follows:
- Archive Key Password: All of the computers on your account must use the same archive key password. You cannot have separate archive key passwords for separate computers on a single account.
- Custom Key: All of the computers on your account must use a custom key. However, you may use a different custom key for each computer on the account.
Encryption key options at-a-glance
The following table provides a comparison of the available archive encryption options. See the Definitions section below if you are uncertain about the terms used in the table.
|Security||Standard (Default)||Archive Key Password||Custom Key|
|Level of data privacy||Strong||Stronger||Strongest|
|Risk of being unable to restore files||Low||
With archive question enabled: Medium
Without archive question enabled: High
|Requires restarting backup after upgrading?||No||No||Yes|
|Secured key stored on a authority server?||Yes||Yes||No|
|Information needed to restore from CrashPlan web app||Account password||Account password and archive key password||Account password and custom encryption key|
|Encryption key and credentials used by every computer on account?||Yes
Single account password and encryption key
Single account password, encryption key, and archive key password
Single account password, but individual computers can have a unique custom key
|Information required for new CrashPlan installations||Account password||Account password||Account password and custom key|
|Administrators have access to backup archive?||Yes||No||No|
Password and custom key recovery
You can reset your account password at any time. However, recovering an archive key password or custom key is difficult, if not impossible.
Optionally, you can set an archive question for your archive key password.
- With an archive question enabled, you can reset your archive key password by answering your archive question. If you are unable to provide the correct answer, you will be unable to restore your files and you must start over with a new account.
- Without an archive question enabled, there is no way to reset your archive key password if it is lost or forgotten. You will be unable to restore files and you must start over with a new account.
- There is no way to reset your custom key if it is lost or forgotten. You will be unable to restore files and you must start over with a new account.
Our Customer Champions have no way to help you recover an archive key password, an archive question, or a custom key.
Securing your encryption key with standard key security
Your account password is CrashPlan's Standard method (default) for securing your encryption key. It is the simplest method to use, and it offers a good balance between security and ease of use. Using this method, you can access and restore files from the CrashPlan app and the CrashPlan web app by supplying your account password.
|Key security & storage||
|Web restore key access||
Securing your encryption key with an archive key password
When you upgrade your encryption key security to the archive key password option, you change how the encryption key is secured, but the encryption key itself doesn't change. Instead of securing the encryption key with your account password, you are choosing to secure the key with an additional password, called an archive key password. Only the secured encryption key is stored on CrashPlan servers.
- An archive key password applies to all computers included on an account. You cannot have separate archive key passwords for separate computers on a single account.
- If archive key encryption is enabled from the administration console, the CrashPlan app prompts users to create their passwords.
(Versions 4.7 and earlier: The prompt does not appear. The password is set to the user's account password until it is changed from the CrashPlan app.)
- If you lose or forget your archive key password:
- With an archive question enabled (versions 3.6.1 and later only): You can reset your archive key password by answering your archive question. If you are unable to provide the correct answer, you will be unable to restore your files and you must start over with a new account.
- Without an archive question enabled: There is no way to reset your archive key password if it is lost or forgotten. You will be unable to restore files and you must start over with a new account.
- Code42's Customer Champions cannot assist with recovery of an archive key password or your archive question.
When upgrading security to use an archive key password, read the confirmation alert carefully:
|Key security & storage||
|Web restore key access||
An archive question is an optional feature of the archive key password security option. An archive question can be used to reset the archive key password in the event that the existing archive key password is lost or forgotten.
You must know your existing archive key password in order to set the archive question. The question cannot be set if the archive key password has already been lost of forgotten. Code42 Customer Champions cannot set an archive question for you, or recover the answer to an archive question in the event that it is lost or forgotten.
How it works
- The question is stored on the authority server as plain text so that it can be displayed to you if it is needed.
- A salted and hashed version of the answer is stored on the authority server.
In the event that your archive key password is lost or forgotten, and you have this feature enabled, you can answer your archive question.
- CrashPlan presents you with the archive question.
- CrashPlan salts and hashes the answer you provide and compares it against the salted and hashed version stored on the authority server.
- If the salted and hashed version of the stored answer matches the salted and hashed version of the supplied answer, you can enter a new archive key password.
- The secure key stored on the authority server is updated with the new archive key password.
Securing your archive with a custom key
If you choose the custom key security model, the encryption key generated by CrashPlan is replaced with a custom key. This is the most secure option, but it requires the most management because you must provide the full custom key when performing:
- Web restores
- Administrator restores
- Installation of CrashPlan on new devices
With this option, you create your own data key that resides on your computer. The data key is never transmitted to any other locations, including the authority server. Make sure to store a copy of the custom key someplace where it is accessible if you need to restore, even if the source computer has failed.
Read our tutorial on upgrading security to custom key for more information on creating, exporting, and importing your custom key.
- When you upgrade to a custom key, all previously backed up files associated with the old encryption key are deleted and no longer available for restore.
- There is no way to reset your custom key if it is lost or forgotten. You will be unable to restore files and you must start over with a new account. Please contact our Customer Champions for Code42 for Enterprise support for assistance.
When upgrading security to use a custom key, read the confirmation alert carefully:
|Key security & storage||
|Web restore key access||
Once your files are encrypted and secured with the encryption key method of your choice, your backup transmission is sent to your destinations using a TLS-based communications encryption protocol and 128-bit AES cipher.
The terms below are used throughout this article.
- account password
Password you supplied when you registered your CrashPlan user account.
- archive question
An archive question is an optional feature of the archive key password security option. If your account has an archive question and answer configured, you are able to reset the archive key password if it is lost or forgotten. When you enable the archive question, the security of your archive key depends on both how hard it is to guess your answer and the strength of your archive key password. You can enable the archive question feature at any time, provided you know your current archive key password.
- archive key password
Password supplied when you the enable archive key password option for archive encryption. If you have enabled this option, you must supply the archive key password to restore files. See also account password, secured key.
- custom key
Encryption key that is user-created (using the Passphrase or Generate options) and is used instead of the encryption key generated by the CrashPlan app. This encryption security option offers the greatest security because the custom key never leaves the source computer. It also greatly increases user responsibility; there is no way to recover a backup if the custom key is lost or forgotten. CrashPlan Customer Champions have no way to assist with custom key recovery.
- encryption key
A piece of information that a cryptographic algorithm uses to encrypt data.
- authority server
- The authority server is the "authority" server in any Code42 environment. Key functions of the authority server include (but are not limited to) authentication, the management of all licensing, and the storage of encryption keys. Ownership and management of the authority server depends on your environment’s deployment architecture.
- secured key
A version of a user's archive encryption key that is encrypted with the user's account password (default security) or archive key password (enhanced security).
- Blowfish is a freely available, documented, and open method of encrypting data (an algorithm). Being open is very important - this means that Blowfish encryption uses public processes that can be scrutinized and tested by everyone and as a result, is proven to be secure. More information on Blowfish encryption is available on creator Bruce Schneier's website.
- AES is the National Institute of Standards and Technology (NIST) specification for encryption, which is used by the US government to secure top secret information and is a standard for businesses worldwide. For more information on AES encryption, see this article by TechTarget.
- Salting and hashing is a security measure used for passwords. Learn more about salting and hashing from BlackWasp.