Best Practices

Sharing of Vaults

Always be careful when sharing your vault with other people.

In general, keep your vault password secret. Nobody except yourself should know the vault password. Only when you use a vault together with other people, they may know your vault password. Keep in mind that other people could pass on – with or without intent – the vault password. Only share your vaults with people you trust.

If you share a vault with others, do not communicate the vault password on an insecure channel. Tell the password in person, use encrypted email or messengers or other similar secure means.

Are you working in a team and do not want to share vault passwords? Consider using Cryptomator Hub. It adds access management for your vaults and allows you to unlock vaults with your own account.

Good Passwords

Bad passwords can be cracked easily when using computers. Plenty of recommendations exist for secure passwords. Some of these are:

  • A password should not contain public or personal information like the name of your pet, date of birth, or username.

  • A password should be long.

  • A password should not be an existing word or a combination of few words. It should be a combination of characters or words that is as random as possible.

  • For each purpose, a unique password without similarities to other passwords should be used.

If you fulfill these requirements, you quickly reach a point where remembering the passwords gets impossible. Thus, we recommend to use a password manager to generate and store the passwords. By doing so, you only have to remember a few or a single secure password. Otherwise, we recommend to use at least 10 characters, ideally use sentences instead of words.