Are backups encrypted? #602

Answered by mymindstorm
TBloop asked this question in Q&A
Mar 1, 2021 · 3 comments · 5 replies
Backups are encrypted by default, and you will see some red warning text if you disable it. To check this setting, go to Storage & Backup -> Dropbox; the Encrypted dropdown should show Yes.

In terms of the backup format: the `hash` field on individual accounts is actually a random UUID, and it is just used as an internal ID. The `secret` field is encrypted with the value in `key`, which is encrypted by your actual password and hashed with argon2 (all encryption is done with AES-256). All other account metadata is unencrypted.

The data that is not encrypted does not allow attackers to reconstruct OTPs, but it may give them your email or the website that the account is used on.
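
A backup file can be checked against this description before it leaves the machine. The script below is an added example, not part of the original answer or the extension's code: it flags entries whose secret is still readable and lists the metadata left in the clear. Only `hash`, `secret` and `key` are named in the answer; the `encrypted`, `issuer` and `account` fields, the file layout and the base32 heuristic are assumptions.

```python
import json
import re

# Constructed sample backup. Only "hash", "secret" and "key" are named in the
# answer; "encrypted", "issuer", "account" and the overall layout are assumptions.
SAMPLE_BACKUP = json.dumps({
    "key": "CONSTRUCTED-WRAPPED-KEY",
    "11111111-1111-4111-8111-111111111111": {
        "hash": "11111111-1111-4111-8111-111111111111",
        "encrypted": True,
        "secret": "CONSTRUCTED-CIPHERTEXT-1",
        "issuer": "example.com",
        "account": "alice@example.com",
    },
    "22222222-2222-4222-8222-222222222222": {
        "hash": "22222222-2222-4222-8222-222222222222",
        "encrypted": False,
        "secret": "JBSWY3DPEHPK3PXP",  # raw base32 seed left in the clear
        "issuer": "example.org",
        "account": "bob",
    },
})

# Assumed heuristic: a raw TOTP seed is normally base32 text, so a match is
# treated as "not encrypted" even if the entry claims otherwise.
BASE32_SEED = re.compile(r"[A-Z2-7]{16,}=*")
NOT_METADATA = {"hash", "secret", "encrypted"}

def audit_backup(text):
    """Return which entries hold a readable secret and what metadata is exposed."""
    data = json.loads(text)
    report = {"has_key": "key" in data, "plaintext_secrets": [], "exposed": {}}
    for entry_id, entry in data.items():
        if entry_id == "key" or not isinstance(entry, dict):
            continue
        secret = str(entry.get("secret", "")).replace(" ", "").upper()
        if not entry.get("encrypted") or BASE32_SEED.fullmatch(secret):
            report["plaintext_secrets"].append(entry_id)
        # Everything except the secret stays readable to anyone holding the file.
        report["exposed"][entry_id] = {
            k: v for k, v in entry.items() if k not in NOT_METADATA and v
        }
    return report

if __name__ == "__main__":
    print(json.dumps(audit_backup(SAMPLE_BACKUP), indent=2))
```

An empty `plaintext_secrets` list together with `has_key` being true is the state the answer describes as the default; the `exposed` map shows what someone holding the file could still learn.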
