The major cloud storage services like Google Drive and iCloud are easy to use and economical, but they all keep a copy of your account's encryption keys, which isn't good for your digital privacy. You have two alternatives: Go with a more secure service altogether, like SpiderOak or pCloud, or get an app that can add an additional layer of encryption before you move your files online. Cryptomator is in the second category, and best of all, it's free. But is it a hassle to work with?
It's completely free and open: Cryptomator is an open-source product whose developer relies on donations for income. There are no ads nor collection of your personal info. Because the source code is publicly available, technical users can examine it themselves on GitHub for potential security or privacy issues. Its creator Skymatic is a reputable company based in Germany, and the employees all have real names and faces on the company website.
When you're dealing with the security of potentially sensitive data, it's important to be able to trust the software that's interacting with it, and this company's approach should satisfy most people on that score.
It's seamless: To get Cryptomator to sync up with your Google Drive or Dropbox, you just need to create a Cryptomator watch folder inside of the folders on your PC that were created by those cloud storage services. When you click-and-drag a file into this inner folder, Cryptomator will automatically apply your encryption before it gets uploaded to the cloud server, where Google or Dropbox then apply the encryption key that they share with the user. Because there are two layers of encryption on this file, the one created by you should remain intact even if the one applied by your storage provider gets compromised.
The flip side is that the storage provider cannot help you if you lose the password that decrypts your file.
It's just about everywhere: In addition to Windows, you can get it for MacOS, Android, iOS, and Linux. The Linux version has a PPA, a .deb package, an .rpm package, and an AUR. There's even a Java version. Suffice to say, if you're reading this review, you're probably just a few clicks or taps away from being able to run Cryptomator on your device.
Setting it up may be confusing: To create a Cryptomator folder in Windows, you open the desktop app, click on the "+" button in the bottom left, and click on Create New Vault. This is pretty straightforward so far. However, this opens the operating system's Save As dialog, which starts at your PC's root folder. In this dialog, there is no "New Folder" button. Instead, once you've navigated through Save As to find the location where you want to create the folder, you go to the File Name field (even though you're creating a folder and not a file), name your folder, and click the Save button.
It would probably be more intuitive if the desktop app integrated with Windows' context menus, where you could right-click on the desktop or within the File Explorer and create a folder from there.
You'll also need to remember to relock your Cryptomator folders when your session ends, because they'll stay open by default otherwise. We'd prefer a system where the folder would relock after a certain period of inactivity, or if the user logs out, suspends, or shuts down their PC. But for what Cryptomator is and what it costs, these are wishlist items rather than critical missing elements.
While Cryptomator feels a little bare-bones, it's hard to complain; it's one of the few free and open tools to increase the privacy and security of your cloud storage, bringing services like Google Drive and iCloud more up-to-par with robust offerings like SpiderOak One and pCloud Crypto. And as a rule, your particularly sensitive documents should be getting their own layer of encryption anyway, just to be safe.
We understand simplicity as a key aspect of security. With Cryptomator you don't have to deal with accounts, key management, cloud access grants or cipher configurations. Just choose a password and you're ready to go.
You don't even need to specify what cloud you use. Cryptomator encrypts files and doesn't care where you store them. This makes it a lightweight application, which we believe is a huge benefit for reliability. Complexity would kill security.
Cryptomator is a so-called transparent encryption utility. This means that you don't have to learn new workflows. Just work with your files as you're used to.
Cryptomator encrypts file contents and names using AES. Your passphrase is protected against bruteforcing attempts using scrypt. Directory structures get obfuscated. The only thing which cannot be encrypted without breaking your cloud synchronization is the modification date of your files.
Cryptomator is a free and open source software licensed under the MIT / X Consortium License. This allows anyone to check our code. It is impossible to introduce backdoors for third parties. Also we cannot hide vulnerabilities. And the best thing is: There is no need to trust us, as you can control us!
Vendor lock-ins are impossible. Even if we decided to stop development: The source code is already cloned by hundreds of other developers. As you don't need an account, you will never stand in front of locked doors.