Managing & Using Vaults

If not only individual files but also entire file areas are to be encrypted and decrypted again, e.g. in connection with a secret project or a valuable new development, a safe can be used for this purpose. The idea behind this is in particular that the encrypted data should be located on one medium and the unencrypted data, which is being worked with, on another, easily cleanable, workspace.

Different vaults can be defined for different projects and the relationship between the vault location, the workspace and the files involved must be specified for each vault. The function for this can be reached via the main menu item Accessories and the menu item Vaults ▶ Manage ... can be reached.

New vaults can be created, existing vaults can be activated, deactivated, edited or deleted via the vault management dialog.

The following links lead to the individual chapters that describe in detail how safes work and how to work with them:

	Activate / deactivate vaults
	Close vaults
	Open vaults
	Delete vaults
	Create / edit vaults

Activate / deactivate vaults

To activate and deactivate, use the button

. If a vault is selected in the list of existing vaults, it then becomes the current one and visible in the GUI of the application. Conversely, if the Deactivate vault list entry is selected and the button is pressed, the current vault is deactivated and the vault door disappears from the GUI again.

The current state of an activated vault is indicated by the open or closed vault door. The vault door is closed when the encrypted data is in the defined vault area and there are no unencrypted files in the work area and it is open when the decrypted data is in the work area. A vault can be opened and closed by double-clicking on the vault door with the left mouse button.

Close vaults

When the vault is closed, first a backup of the current vault contents is created so that the last state is still available in case something should go wrong. Then the currently selected key is used to encrypt the files in the workspace and transfer them to the vault. After that, a cleaning of the size of ten times the workspace size is performed on the drive where the workspace is located.

However, before the vault is closed, it is monitored whether there are still enough unused keys in the key bundle, because each file is encrypted with its own, different key and it is additionally checked whether the keys are long enough to encrypt all files without repeating the byte sequence of the key.

If there are not enough unused keys left in the key bundle, the safe cannot be closed. The user must first create a new key bundle and select it to the current one.

If some data is larger than the maximum key length from the current key bundle, it is the user's responsibility to decide whether to select a different key bundle first or to perform encryption with the current key bundle anyway.

If the current key bundle is already relatively large and some files are only a little larger, it is actually no problem to cyclically extend the key used in these cases. However, if you are very particular about OTP and want to be absolutely sure that the data is encrypted without being decrypted, you have to generate or select a new key bundle whose keys are long enough to encrypt even the largest of the files without being extended.

If a vault is open and the application is to be closed, the user must first confirm that the application can be closed even if the vault is open. This is to prevent data that should actually be kept under lock and key from accidentally remaining unencrypted in the workspace.

Open vaults

Double-clicking with the left mouse button on the closed vault door opens the safe. However, this only works if the defined workspace is completely empty. After closing a vault, the unencrypted files and folders are removed from the workspace and the workspace must remain empty until the files are decrypted again. When trying to open the vault if new files have been copied to the workspace in the meantime, the user receives an error message and must first empty the workspace again.

As a result, new files can only be added to the work package/project if the vault is currently open, or to add new files to a work package, the vault must first be opened.

Delete vaults

If a safe is selected and the button

is pressed, the safe is deleted. The data of the workspace remains unaffected. However, if the vault is closed and the files of this vault are only encrypted in the vault, the user must confirm beforehand that the vault should really be removed.

Since the vault with its definitions is only removed from the list of vaults and the encrypted files are not automatically deleted, the encrypted data can be decrypted again manually using the decryption function or the browser. The user must then finally destroy the encrypted files of the vault himself.

Create / edit vaults

To create a new vault use the button

. This opens a dialog box for specifying the new vault.
To edit an existing vault use the button

. It is activated when one of the opened vaults is selected in the list. Then the specifications of this vault can be changed.

The names for the safes must be unique. Duplicates are not allowed here and the length of the names is limited to 25 characters.

Workspaces can be added and removed using the

and

functions. At least one workspace must be defined and the workspaces must not be located in the root directory of a medium. This is monitored during selection.

If the location of the vault is set, it must be an empty directory. If the location of an existing vault is changed, the previous location cannot be used again unless it has been emptied first.