Cryptomator is a free, open-source encryption program that ranks among our best TrueCrypt alternatives. It also earned a nod in our best encryption software guide due to its easy-to-understand interface. It’s excellent in most areas, but Cryptomator still falls behind in a few places when compared to paid encryption services.
In this Cryptomator review, we’re going to take a deep dive into the service, talking about its features, security and user experience. In addition to determining how secure Cryptomator is, we’ll also see how easy it is to use, which, for open-source software, is important.
We’re seriously impressed by Cryptomator as a free piece of software. It’s surprisingly easy to use and comes with top-notch security, to boot. However, its free nature bleeds into other areas. Cryptomator lacks features, such as sharing and direct cloud storage integration, which may be deal breakers for you.
Strengths & Weaknesses
- Open source
- Easy to use
- Mobile apps available
- Active community
- Dense support documentation
- Lacking features
- No sharing functionality
- No contact options
Cryptomator is a focused application, and because of that, it’s light on features. Sharing isn’t an option, and there are only a handful of settings to tinker with. Furthermore, Cryptomator can’t encrypt entire disks, which is something offered by some paid competitors.
The settings are mostly focused on organization. You can change where your drive is mounted, rename name it and assign it a custom mount point, but that’s about it. If you’re an advanced user, you can also specify custom mount flags, which can change how the virtual drive is mounted. Although neat to see, we don’t imagine many people will take advantage of this feature.
Using Cryptomator on iOS and Android
Cryptomator offers an iOS and Android application, as well as an installation on Linux through the console. Like many other file encryption services, you can also run Cryptomator in a sort of “portable” mode, though it’s not as fluid as some of the paid counterparts.
Boxcryptor, for example, offers an install-less application that you can run on any machine. Simply load the file onto a USB drive, plug it into a computer and do whatever you need to do.
Cryptomator can recognize existing vaults, but it doesn’t offer an install-less application. That said, in a pinch, you can redownload Crytomator and still access your vaults on another computer.
The mobile apps actually offer more functionality than the desktop app, in that they integrate directly with Dropbox, Google Drive, OneDrive and WebDAV-based cloud storage services (read our Dropbox review and Google Drive review).
Additionally, you can store a local copy of the encrypted information if you’re using a different cloud service, such as Sync.com (read our Sync.com review).
The only real feature Cryptomator offers is Sanitizer, though it’s a lot less exciting than it sounds. Sanitizer is a console tool built for troubleshooting vaults. If, for whatever reason, there are corrupted files in your vault or you can’t decrypt using your master password, you can use Sanitizer to detect issues in the encrypted folder.
All you need is Java 9 or later and the Sanitizer JAR file, which you can download from Cryptomator’s website. After specifying the path and entering your password, Santizer will scan your vault for any issues and notify you of the number of critical errors, general errors and warnings.
However, Sanitizer won’t fix your vault. It’s simply a tool to find the errors, not resolve them. Thankfully, it spits out a few files that you can send to Cryptomator for further troubleshooting.
|File size limit||Unlimited|
|File extension restrictions||Unlimited|
|Cloud storage integration|
|Payment methods||Bitcoin, PayPal, credit cards, bank transfer|
|Master password hashing|
Cryptomator is donation-ware, meaning that although the software is technically free, donations are accepted and encouraged. Unlike VeraCrypt, Cryptomator is a bit more forward in asking for donations (read our VeraCrypt review). Seeing how easy to website is to use, though, we don’t mind.
It’s forward, yes, but not annoying. Cryptomator’s website has a donation section on the front page, and if you choose not to donate, they’ll ask one more time. However, once you download the application, there isn’t any pestering. We appreciate this approach a lot; Cryptomator asks for what it needs without devolving into begging.
If you choose to donate, you can pay with PayPal, credit cards, a bank transfer or cryptocurrency. The website allows you to specify your donation in pounds, euros or U.S. dollars, so if you’re using another currency, you’ll have to do some conversion on your own.
Additionally, you can leave a message with your donation, if you feel like passing some encouragement along to the development team.
As a cloud-focused encryption software, Cryptomator does everything it can to keep your files safe. Instead of protecting your information from theft, it’s more focused on safeguarding against online storage services that want to meddle in your files. The stakes are lower with Cryptomator, but it can still go toe-to-toe with the best of them when it comes to security.
Cryptomator makes it clear that its focus is not on local protection. Instead, it’s focused on encrypting files stored with online storage services. Because of that, certain information is left unencrypted, including metadata about when the files and folders were created, the size of stored files and the number of files and/or folders in a vault.
Although the focus isn’t local, Cryptomator is a local application. The password you set for your vault is never sent across the internet. Rather, it’s used to generate key files, which will authenticate you locally. Cryptomator never syncs your files and, thus, has zero-knowledge of your master password or vault contents.
Cryptomator Encryption and On-the-Fly Decryption
Cryptomator uses AES-256 to encrypt file names, headers and content on a virtual drive. It uses Dokany on Windows and FUSE on macOS and Linux as a frontend, though it will fallback on WebDAV in the event one of those frontends aren’t available.
If you’re interested in the technical aspects of Cryptomator’s security, be sure to read its writeup, as well as our description of encryption.
When using Cryptomator, your files are encrypted and decrypted on the fly, which is shown with a graph once you mount a virtual drive. Even when mounted, Cryptomator never uses or leaves unencrypted copies of your files on your hard drive. Instead, information is decrypted in real time as needed and reencrypted afterwards.
Ease of Use
Cryptomator is surprisingly easy to use. We usually expect open-source software to be difficult, while paid options emphasize usability (read our NordLocker review for an example). Cryptomator does both, offering a breezy setup process while not demanding a dime.
As mentioned, Cryptomator asks for a donation on the homepage of its website, but you can skip past that and get straight to the download. Cryptomator supports Windows, macOS, Linux, Android and iOS, and when we installed on a Windows 10 PC, everything went off without a hitch. You can also view the SHA256 sum to troubleshoot any installation issues.
The installation is shockingly straightforward. Perhaps Cryptomator’s upfront nature lends itself to a more comfortable development team. Regardless, for being free software, Cryptomator is close to the competition in terms of usability. That’s only further reinforced when it comes time to encrypt your files.
Encrypting Files with Cryptomator
The Cryptomator interface is as simple as they come. After installing, you’re greeted with a blank list and an arrow telling you to add a vault. Cryptomator works by creating virtual drives on your computer, which you can open and decrypt using the Cryptomator software.
You don’t need to go too deep when specifying the details of your vault, either. All you need to do is click the plus icon, choose a name, choose a location and add your files.
After doing so, you can set the password for your vault. Cryptomator makes it clear that it’s important to remember your password. Because of the zero-knowledge model, there’s no way to recover your data in the event you forget your password.
Cryptomator will automatically lock the vault. On Windows, entering the password will mount the vault like a hard drive and open Windows Explorer. From there, encrypting your files consists of dragging them to the mounted drive and clicking “lock vault” when you’re done. Cryptomator will show a graph of your files as they’re being encrypted and decrypted.
After locking your vault, there are a few options you can mess with. Cryptomator allows you to rename the drive and assign it a different letter, mount it at a custom point and auto-unlock at startup. None of the options are too intense, but Cryptomator still gives you a few choices in the way of customization.
It’s worth noting that Cryptomator can discover vaults stored on other machines. If you’re moving to another computer, for example, you can transfer your encrypted folder over and unlock it with any installation of Cryptomator. Below, you can see an example of how folders look once they’re encrypted.
File Sharing & Storage
Cryptomator doesn’t directly integrate with cloud storage services like Boxcryptor does (read our Boxcryptor review). It’s not hard to save your encrypted files to cloud storage services, though the lack of a single encrypted file can make getting set up difficult.
When creating an encrypted folder hierarchy, you generate multiple folders and subfolders for wherever you want the vault stored. Although Cryptomator can easily make sense of the gibberish sprawled across each file and folder name, you’ll still have to deal with the hierarchy.
Because of that, encrypting files and moving them over to cloud storage can be cumbersome, as missing a crucial element here or there could make the vault unreadable. The best case scenario is to start storing your encrypted folders in cloud storage from the get-go. That way, Cryptomator can create and update the folder hierarchy.
Before getting into syncing, we want to talk about sharing. Cryptomator doesn’t have any sharing functionality. Although you can easily send an encrypted folder to someone, they’ll need a copy of Cryptomator and your master password to unlock it. You can’t share like you would with NordLocker or Boxcryptor.
Syncing Cryptomator with Dropbox, Google Drive and OneDrive
When using Cryptomator, you’ll want to create your virtual drive directly in your cloud storage provider of choice. For example, using OneDrive, we created a new vault inside the OneDrive folder on Windows (read our OneDrive review). That way, you don’t have to worry about missing a critical file if you’re moving a vault over to cloud storage.
From there, it’s just a matter of dragging in the files that you want to encrypt and locking the vault. Cryptomator will get to work encrypting your files right away, and your cloud storage service should pick up on the changes.
Cryptomator has surprisingly good support for being open-source software. The community and documentation is strong, so you should find answers to most questions. That said, there aren’t any contact options available.
Unlike most open-source software, Cryptomator has a dedicated support page, which you can access from the website. There, you’ll find links to Cryptomator’s documentation and community forums. You can also request to cancel your recurring donation on the support page if you have one set up.
The documentation is technical, but Cryptomator doesn’t make it univiting. Installation and functionality are covered in simple terms for each platform Cryptomator supports, with the more advanced topics, such as encryption, getting the technical treatment. It’s not a knowledgebase, per se. Rather, the documentation covers what Cryptomator is and how it functions, nothing more.
Finding Support in the Cryptomator Community
If you need direct support, the Cryptomator community is your only option. There are no contact options, not even so much as an email. Thankfully, members of the Cryptomator team are active on the forums and, from what we can tell, answer questions in a timely manner.
Looking through recent threads, the most technical questions received answers within a matter of minutes from Cryptomator team members. Some other topics — such as “boxcryptor vs. cryptomator” — consist mainly of other users’ replies (though we have our own Cryptomator vs Boxcryptor comparison you can read).
For what Cryptomator is, the support options are good. With a lack of email support, though, it can’t go toe-to-toe with its paid competitors. However, as open-source software, we’re impressed by the active community and technical, yet accessible, documentation.
Cryptomator is a breath of fresh, open-source air. Although it’s not the only software of its kind, it’s the only one to handle encryption so seamlessly. It’s easy to use, and although it’s lacking features, we can’t ask for much more from free software. If you’re looking to encrypt your files stored in the cloud, Cryptomator is a great way to do it for free.
What do you think of Cryptomator? Are you going to give it a download? Let us know about your experience in the comments below and, as always, thanks for reading.
- After downloading Cryptomator, you can create a vault using the plus icon in the application. Give the vault a name, choose a location and set a password. After that, you can mount your vault as a virtual hard drive and drag your files into it. Cryptomator will automatically begin encrypting the files.
- Cryptomator uses AES-256 encryption to hide file names, content and headers. It uses transparent encryption, meaning you can see the cipher text stored once the encryption has finished. Using brute force methods, it would take multiple billions of years to crack a vault, meaning Cryptomator is secure to use.