Skip to end of metadata
Go to start of metadata





Valid password modes

There are two different cases in which the user of Cryptshare must choose from the permitted password modes.

  1. QUICK is disabled
    Sets the permitted password procedures for performing a transfer.
  2. QUICK is activated
    This is a transfer that is also used to activate a QUICK connection to the selected recipients.

It is possible to define different combinations of password modes, which are available to the user depending on the option selected above. In principle, for each option at least one valid password modes must be selected.

No Password

This option allows your users to send a transfer without having to deal with a password. Cryptshare still generates a secure password in the background and uses it to encrypt the transfer. But the password will be sent to the recipient in plain text as part of the download link in the notification email. So security is significantly lower. Anybody who gets access to the notification email in transit or in the recipient's mailbox will have access to the files without first having to contact the sender for a password. The level of encryption and protection on the Cryptshare Server is identical to transfers with auto-generated or manually created passwords.

Enter Password

This option allows the user to set a password manually. You can specify how secure the password has to be by defining which characteristics the password needs to fulfill.

Generate Password

This option will generate a secure password fulfilling all the requirements that you have set. The password will be shown to the user who can then copy it to the clipboard.

QUICK Mode Settings

QUICK Mode

This option determines which initial setting should apply to the transfer.

Activated: Activate this option if you want QUICK Mode to be activated by default.

Enabled if established: Activate this option if you want to activate the QUICK mode when all selected recipients already have a configured QUICK connection.

Deactivated: Activate this option if you want QUICK mode to be switched off by default.

QUICK mode changeable

Activate this option if the user should be able to change the state defined in QUICK Mode.

Security Requirements for passwords

Passwords must contain numbers

Enable this setting to force ciphers within the password.

Passwords must contain alphabetical characters

Enable this setting to force alphabetical characters within the password.

Passwords must contain special characters

Enable this setting to force special characters within the password.

Passwords must be upper and lower case

Enable this setting to force upper- and lowercase letters within the password

Passwords may not be common words

Enable this setting to countercheck the password, or parts of the password with a dictionary to force users not to use common words in the password.

The dictionary consists of English and German words and is applied independently from the language selected in the User Interface.

Customizing the dictionary

You can edit the dictionary and add or remove words which will be rejected as passwords. When adding a new word to the dictionary, please make sure to insert it into the correct line as Cryptshare expects the list to be sorted lexicographically (though capitalization is ignored). Be aware that the password check only considers words with a minimum length of four letters.

Linux: /opt/cryptshare-3/resources/lang/dict/words.lst

Windows: %programfiles(x86)%\befine solutions AG\Cryptshare-3\resources\lang\dict\words.lst


Character repetitions or character sequences are not allowed

Enable this setting to deny the use of character repetitions or sequences within the password. This applies to the following patterns:

Sequence Type
Examples
Keyboard Sequencesqwert, asdfg, etc.
Alphabetical Sequencesabc, xyz. etc.
Numeric Sequences123 etc.
Character Repetitionsaaa, zzz, 111 etc.

The patterns mentioned above are recognized as such beginning with a length of three characters.

Minimum/Maximum Password Length

Forces users to use a minimum/maximum number of characters for the password.

Effects on password generation

The minimum length also determines the length of the automatically generated passwords.

During password generation, compliance with the activated password rules (see above) takes precedence over the length specifications (minimum/maximum). This means, for example, if numbers, special characters, lowercase letters and uppercase letters are required, the generated password is at least four characters long, even if the maximum password length is smaller.

Whitespaces within passwords

This setting generally applies and is not visible in the Administration Interface. It forces the users not to use whitespaces within the password, such as 'tab', 'blank space' etc.

Table of Contents


Blacklist Characters/Invalid Characters

Characters in this field will not be allowed independently of what has been configured above. If a user enters a password containing one of these characters, the password will not be accepted.

Only for automatically generated passwords

If this option is enabled the blacklist character list will not be taken into consideration for passwords entered manually. Only passwords generated automatically will be affected. This means, that automatically generated passwords won't contain any of the specified characters.

Compatibility

Please use this feature only if you are using the web frontend only.

Do not use this feature if you using any of our email integration products or APIs as this may currently lead to passwords being created or entered which are not accepted by the server. Future versions of our email integration add-ins, Robot and APIs will be able to work with the blacklisted characters correctly.





  • No labels