Enabling custom key security for backups

Updated

Objective

Enabling custom key security means your backed-up data is encrypted with a key that you provide and store locally. This article provides instructions for enabling this setting.

Prerequisites

  • CrashPlan app
  • Permissions: You must have permission to change this setting. Depending on your organization's configuration, your administrator may prevent you from changing this setting.
  • Plan: This setting is only available for CrashPlan Enterprise and CrashPlan for MSPs subscriptions.
  • Risks and limitations: Ensure you have reviewed the risks and limitations for this security setting before proceeding.

  • Key storage: Have a secure location (such as a password manager) ready to store your key.

    CrashPlan cannot recover a lost custom key.

Procedure

Administrator-required setup
If your administrator has mandated custom key security, the setup dialog will open automatically the next time you sign in to the CrashPlan app. Skip Step 1 and Step 3, and proceed directly to setting up your key in Step 2.

Step 1: Change your Account Encryption Key Security setting

  1. Open the CrashPlan app and sign in.
  2. Click Settings.
  3. Select the Security tab and click Upgrade.
    If this tab or button is unavailable, your administrator has locked this setting.
  4. Select Custom key.

Step 2: Set up your custom key

You can create a custom key in four different ways. Choose the method that works best for you:

  • Option A: Import a text file (Best for duplicating a key across multiple devices)
    1. Click Custom Key > Enter key > Import.
    2. Select a plain text, UTF-8 encoded file containing only your key (typically a .cpkey file) and click Open.
    3. Click Save.
  • Option B: Paste from clipboard
    1. Copy your custom encryption key from a plain text editor to your clipboard.
    2. In the CrashPlan app, click Custom Key > Enter key.
    3. Select Paste from clipboard and click Save.
  • Option C: Enter a passphrase
    • Click Custom Key > Enter key > Passphrase.
    • Enter a passphrase.
    • Click Generate Key and then Save.
  • Option D: Let the CrashPlan app generate a key
    • Click Custom Key > Enter key > Generate key.
    • CrashPlan will generate the text for your new key. Click Save.
Security menu with custom key selected

Step 3: Confirm your security upgrade

  1. Read the on-screen warnings carefully.
  2. Check the box for I understand the risks.
  3. Check the box for I agree to delete my backups on all of my devices to confirm you are starting fresh.
  4. Click Save to permanently upgrade to a custom key. A success message will appear.
Changing encryption key security warning acknowledgement

Step 4: Export and securely store your key

CrashPlan strongly recommends exporting your key for safekeeping. You will need it to restore files or replace your device.

  1. From the Security tab in the Device Preferences menu, click Export.
  2. Enter a name and location to save the .cpkey file.
  3. Click Save.

Note about key file handling
Do not open the key file in a word processor like Microsoft Word, as it may introduce hidden formatting characters that will corrupt your key. Only use plain text editors like Notepad.

Additional resources

Was this article helpful?
0 out of 0 found this helpful