Skip to content

Commit 8ad9cae

Browse files
tobihagemanntobihagemann
committed
updated best practices
1 parent 005e93e commit 8ad9cae

File tree

1 file changed

+21
-9
lines changed

1 file changed

+21
-9
lines changed

source/security/best-practices.rst

+21-9
Original file line numberDiff line numberDiff line change
@@ -6,22 +6,20 @@ Best Practices
66
Sharing of Vaults
77
-----------------
88

9-
Always be careful when sharing your vault with other people.
9+
When sharing your vault or working in a team, we strongly recommend using `Cryptomator Hub <https://cryptomator.org/for-teams/>`_.
10+
It adds access management for your vaults and allows you to unlock vaults with your own account.
11+
12+
Otherwise, always be careful when sharing your vault with other people.
1013

1114
In general, keep your vault password secret.
1215
Nobody except yourself should know the vault password.
13-
Only when you use a vault together with other people, they may know your vault password.
16+
Sharing your vault password should be reserved for very limited personal scenarios (for example, with your spouse) and is generally not advised.
1417
Keep in mind that other people could pass on – with or without intent – the vault password.
1518
Only share your vaults with people you trust.
1619

1720
If you share a vault with others, do not communicate the vault password on an insecure channel.
1821
Tell the password in person, use encrypted email or messengers or other similar secure means.
1922

20-
Are you working in a team and do not want to share vault passwords?
21-
Consider using `Cryptomator Hub <https://cryptomator.org/hub/>`_.
22-
It adds access management for your vaults and allows you to unlock vaults with your own account.
23-
24-
2523
.. _security/best-practices/good-passwords:
2624

2725
Good Passwords
@@ -37,6 +35,20 @@ Some of these are:
3735
* For each purpose, a unique password without similarities to other passwords should be used.
3836

3937
If you fulfill these requirements, you quickly reach a point where remembering the passwords gets impossible.
40-
Thus, we recommend to use a password manager to generate and store the passwords.
38+
Thus, we recommend using a password manager to generate and store the passwords.
4139
By doing so, you only have to remember a few or a single secure password.
42-
Otherwise, we recommend to use at least 10 characters, ideally `use sentences instead of words <https://xkcd.com/936/>`_.
40+
Otherwise, we recommend using at least 10 characters, ideally `use sentences instead of words <https://xkcd.com/936/>`_.
41+
42+
.. _security/best-practices/backup-strategy:
43+
44+
Backup Strategy
45+
---------------
46+
47+
Cryptomator is not a backup solution.
48+
Its primary and only purpose is client-side encryption.
49+
50+
We strongly recommend maintaining your own backup strategy.
51+
Even with unencrypted data, regular backups are essential.
52+
53+
Most cloud storage services offer some form of backup or file revision capabilities.
54+
Evaluate if those available measures are sufficient for your needs or consider implementing additional backup systems.

0 commit comments

Comments
 (0)