Skip to main content
Code42 Support

Upgrade Code42 CrashPlan security to custom key

Applies to:
  • Code42 CrashPlan (previously CrashPlan PROe)

Overview

Upgrading your Code42 CrashPlan security option to a custom key is the highest level of security available. However, it also requires the most management because you must provide your custom key when restoring data or installing the CrashPlan app on new devices. This article provides step-by-step instructions for upgrading to this security option.

Enhanced security support for version 5.x of the CrashPlan app
Enhanced archive encryption settings (archive key password and custom key) require version 5.2.x or later of the CrashPlan app. Enhanced archive encryption settings are not available in versions 5.0.x and 5.1.x of the CrashPlan app.

Considerations

Account impact

The setting applies to all devices on your account. Any additional devices on your account will stop backing up until a custom key is entered on the device. You may choose to use unique custom keys for each device, or you can apply the same key to each of your devices.

Backup Must Start Over
When you upgrade to custom key, files backed up with your previous encryption key are deleted from your backup and cannot be restored. Your backup must start over with the new encryption key. Likewise, if you change your custom key, your backup must start over with the new encryption key.

Custom key recovery

Lost custom key
There is no way to reset your custom key if it is lost or forgotten. The Customer Champion team and your administrator have no way to help you recover a custom key. You will be unable to restore files.

Managing your custom key

You are responsible for storing your encryption key. We recommend exporting your key to a plain text file (.txt) for safe keeping. Do not modify the file. If you must open the file, use a plain text editor such a vi, vim, emacs, nano, pico, Notepad, or TextMate. Avoid using word processors, such as Word, Wordpad, Pages, or OpenOffice Writer, which introduce additional formatting characters and may corrupt your encryption key.

Upgrade to custom key

Step 1: Open security preferences

  1. Open the CrashPlan app.
  2. Click Details.
  3. Select the arrow next to your device name, and choose Device preferences. Device Preferences
  4. Select Security.

Step 2: Set custom key

You can create your custom key in several ways:

  • Import an existing key from a plain text file
  • Paste from clipboard
  • Enter a passphrase that generates a key
  • Allow CrashPlan to generate a key for you

Upgrade security to custom key

Option A: Import key from a text file

Import requirements

The key included in the file must be compatible with CrashPlan's cryptography framework. We do not recommend generating a key from an external source. Additionally, the imported file must be:

  • Plain text file 1
  • UTF-8 format
  • 100 bytes or less in size

1 Depending on which version of the CrashPlan app you used to export the key, the file may use the extension .cpkey (version 5.2 or later) or it may not include an extension (version 4.x and earlier). As long as the file uses plain text encoding, files using .txt, .cpkey, or files with no extension are all acceptable.

Editing custom key text files
Word processors such as Word, Wordpad, Pages, or OpenOffice Writer introduce additional formatting characters and should be avoided when working with encryption keys. We recommend using a plain text editor such as vi, vim, emacs, nano, pico, Notepad or TextMate when working with encryption keys.

If you previously exported a key from another device, you can use the import option to apply the same key to additional devices.

  1. Select Custom Key.
  2. Click Enter key.
  3. Select Import from the list of options.
    Your file browser opens.
  4. Navigate to the file you wish to import.
  5. Click Open.
    The success message, "Imported custom key from (file name)", appears.
  6. Click Save.
    The Confirm Archive Encryption Settings dialog appears.
  7. Continue to Step 3 to confirm the change to your encryption key setting.

Option B: Paste from clipboard

  1. From a plain text editor, copy your custom encryption key to your device's clipboard.
  2. From the CrashPlan app, select Custom Key.
  3. Click Enter key.
  4. Select Paste from clipboard.
    The success message, "Pasted custom key from clipboard", appears.
  5. Click Save.
    The Confirm Archive Encryption Settings dialog appears.
  6. Continue to Step 3 to confirm the change to your encryption key setting.

Option C: Passphrase

  1. Select Custom Key.
  2. Click Enter key.
  3. Select Passphrase.
  4. Enter the text for the passphrase.
    A strong passphrase contains 56 or more characters. You can use alphanumeric, numeric, symbol, or space characters.
  5. Click Generate Key.
    CrashPlan generates an encryption key.
  6. Click Save.
    The Confirm Archive Encryption Settings dialog appears.
  7. Continue to Step 3 to confirm the change to your encryption key setting.

Option d: Generate key

  1. Select Custom Key.
  2. Click Enter key.
  3. Select Generate key.
    CrashPlan generates the text for your new key.
  4. Click Save.
    The Confirm Archive Encryption Settings dialog appears.
  5. Continue to Step 3 to confirm the change to your encryption key setting.

Step 3: Confirm your security upgrade

Confirm encryption key setting

  1. Read the agreement on changing your security settings.
  2. Select I understand the risks if you approve of each consideration.
  3. Select I agree to delete my backups on all of my devices if you approve of deleting your existing backups and starting your backups over with your new encryption key.
  4. Click Save to permanently upgrade your CrashPlan security option to a custom key.
    The success message, "Security upgraded to Custom Key", appears.
Export key
Once you've selected the method for entering your new encryption key, you can export the key to a plain text file. Exporting the key to a file makes it easier to locate the key later. Additionally, when restoring data or installing the CrashPlan app on new computers, you can use the Import option to import the encryption key from the text file.

Export your custom encryption key

Once you have set or generated a custom key, export the key for safe keeping. You must provide your key when downloading files from your backup, installing the CrashPlan app, or accessing the CrashPlan app on other devices.

Export encryption key for safe keeping
  • Always save your encryption key in plain text file. The CrashPlan app exports the key in a plain text file with the extension .cpkey. It is not necessary to use this file extension, but the file must be saved as plain text.
  • Do not modify the file. If you must open the file, use a plain text editor such a vi, vim, emacs, nano, pico, Notepad, or TextMate. Avoid using word processors, such as Word, Wordpad, Pages, or OpenOffice Writer, which introduce additional formatting characters and may corrupt your encryption key.

Export custom key

  1. Open the CrashPlan app.
  2. Open your security preferences:
    1. Click Details.
    2. Select the arrow next to your device name, and choose Device preferences.
    3. Select Security.
  3. Click Export in the Account Encryption Key Security area.
    The key exports to a plain text file with the extension .cpkey. It is not necessary to use this file extension, but the file must be saved as plain text.
  4. Enter a name and location for the file to which you want to export the encryption key.
  5. Click Save.