3

I'm considering enabling Archive Key Password in my CrashPlan account. I'd like to understand how secure this feature is.

CrashPlan documentation for Archive Key Password says (emphasis added):

Instead of securing the encryption key with your account password, you are choosing to secure the key with an additional password, called an archive key password. Only the secured encryption key is stored on CrashPlan servers.
[...]
The key is encrypted with your archive key password and stored on the master server
[...]
If you lose or forget your archive key password: [...]
Without an archive question enabled: There is no way to reset your archive key password if it is lost or forgotten. You will be unable to restore files and you must start over with a new account.

It then describes the Archive Question feature:

In the event that your archive key password is lost or forgotten, and you have this feature enabled, you can answer your archive question.

[...]

  1. If the salted and hashed version of the stored answer matches the salted and hashed version of the supplied answer, you can enter a new archive key password.
  2. The secure key stored on the master server is updated with the new archive key password.

Since the secured key is encrypted using the old archive key password, I would expect that updating the secured key requires it.
However, the old archive key password isn't available in this scenario (lost or forgotten), and is supposedly not stored on the servers.

How then can the secured key be updated with the new archive key password in this scenario?

Improve this question
2
  • Also note the difference between upgrading to an archive key password versus a custom key. You don't need to re-encrypt your data when upgrading to an archive key password. It must be the original key that CrashPlan had plain text access to when the account was originally created, right? Commented Dec 23, 2016 at 13:56
  • @RyanJ That's right. Quoting the docs: When you upgrade your encryption key security to the archive key password option, you change how the encryption key is secured, but the encryption key itself doesn't change. Instead of securing the encryption key with your account password, you are choosing to secure the key with an additional password, called an archive key password. Only the secured encryption key is stored on CrashPlan servers. Commented Dec 23, 2016 at 20:40

1 Answer 1

Reset to default
1

The computer(s) running CrashPlan (your computers) will always have access to the key in plain text. That is why, when using the Archive Question feature, you are able to re-secure that key with a new password, and re-send it to the CrashPlan servers, without knowing the old password.
That is also why this feature is not available on the web; it's only in the CrashPlan desktop application.

Of note: if you somehow lose the plain text version of the key stored on your computer (your hard drive dies or something) AND you forgot your archive key password, you will not be able to restore any of your files, since in this case, the only copy of the key will be the secured version on the CrashPlan server, which nobody will know the password of.

i.e. Don't lose your Archive Key Password (use a password manager - can I suggest 1Password?) and/or backup (not using CrashPlan!) your key, which I think is stored in the .identity file.

Improve this answer
2
  • Your answer makes a lot of sense. Is this explanation from an authoritative source, or your own speculation of how it's implemented? Commented Jun 30, 2017 at 16:30
  • I never saw a mention in their knowledge base that the Archive Question feature is only available through the desktop application. But they do mention quite often that the key is encrypted before being sent to their servers. Also, there is a confirmation that the key is store in plain text on the computers that run the CrashPlan daemon: reddit.com/r/sysadmin/comments/2e7e6b/… Commented Jun 30, 2017 at 16:36

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.