1: Password remembered:
This option is justified in some cases. For example you do
not fear the theft of data on your computer but you often carry important data
on mobile media. If that media is stolen, you don't want that data to be usable.
This option allows you not to have to enter your passwords each time you open a
file or folder, but your documents are perfectly protected during transport.
This protection option will also be sufficient if it is a question of protecting
data against unauthorized access by the network etc. The password is memorized
in an encrypted way and only for the user profile.
Numeric key file:
This field allows you to
possibly memorize the access path of the file which you use as a digital
signature for opening files and folders protected using algorithms offering this
possibility. (see: Using digital signature
3: Cleaning up residual data on the
option enables the disk cleaning function and the numeric field next to
configure the number of cleaning passes:
When you perform the encryption of a file or a
folder, the program creates a new file representing the encrypted document then
erases the unencrypted file (s) from the disk. Unfortunately, simply deleting a
file from a hard drive removes its entry in the disk allocation table so that if
you look at the contents of the disk, the file no longer appears although all
the data is still present in them. sectors of the disk until they have been used
by another file. These data can be recovered by using specialized software or by
reading the disk sector by sector. The disk cleaning function will replace all
the bytes of the unencrypted files with an alternating mask value (FF and 00)
before deleting the files which will amount to leaving instead of the files
spaces equivalent to a disk space formatted. The numeric field associated with
this checkbox allows to choose the number of passes and for each pass the values
FF and 00 will be inverted so as to carry out maximum magnetic
modifications on the surface of the disc; because there are techniques still
making it possible to recover data by scanning the surface of formatted disks on
the edges of tracks due to the difference in the positioning of the heads on the
disk according to the direction of movement of these and small mechanical
defects . In practice, it is not necessary to select more than 2 passes for
reasons of execution time. Studies have been done on this subject and it appears
that from 2 masking passes it is extremely difficult to recover anything on a
hard drive. The means to be implemented become very heavy and are therefore
reserved for research in very special fields. CAUTION: Disk cleanup is not
guaranteed if you lock folders or files on another computer over the network.
This function is useless if all the documents you are using are on an SSD drive.
4: Cleaning up residual data in memory:
If you are using virtual memory on
your computer (default configuration) Windows maintains a copy of the contents
of memory in a large file located by default at the root of your system disk.
Another copy of your memory is available on disk if you have enabled hibernation
on your system. In the event of recovery of a hard drive on a switched off PC,
it therefore becomes possible to recover data that has been used in memory. This
function will therefore proceed in the same way as for masking the hard drive
sectors but with all the memory space used by the program to encrypt the data.
In practice, use the same number of passes as for cleaning the disk. If you are
using WinSesame only to protect data against the theft of portable hard disks
(USB sticks) but do not fear for the disks located on your PC, there is no need
to activate this function. This feature is unnecessary if your operating system
is installed on an SSD drive.
5: Do not remember the
default when opening a protected folder or file, WinSesame memorizes in the
registry (in an encrypted manner) the password, the encryption algorithm and the
path of the digital key file, if any for allow it to be relocked more quickly
without having to provide this information again. This is not only practical but
also helps prevent errors in entering passwords with the risk of data loss.
Under these conditions, the password remains associated with this document and
never changes. The registry entry is deleted as soon as you close the protected
folder or file. This function is therefore safe and presents no risk. On the
other hand, it can be temporarily inhibited from the unlock window if you wish
to change the password, the analogorithm or the digital key file of a protected
folder or file or if you no longer want to protect a folder. or file.
6: Do not automatically lock:
WinSesame has a function that automatically locks
all protected folders or files that have been opened. If you check this box, the
files or folders that you unlock will not be added to the list of folders or
files to be locked and will not be closed automatically by the function. It is
not advisable to check this box because you risk forgetting to close important
documents, but if the need arises you can do it from time to time from the
7: Show passwords in plain text:
If you work
alone in your office or use the program to protect your data in the event your
mobile media are stolen, it is not necessarily useful to hide your passwords
since no one is looking over your shoulder. You can therefore display the
passwords in clear which is more practical and can sometimes avoid entry errors.
If you have chosen to display passwords in plain text by default and need to
enter a password when you are not alone in your office, just click on the button
next to the field the password so that it is hidden.
Note: in the case of the automatic
locking function of a folder or file without having to re-enter the password, it
will always be hidden.
8: Automatic confirmation:
If you display
passwords in clear text it is not essential to have to confirm the password
(unless you are using very long passwords). If this box is checked, the entered
password is automatically copied into the confirmation field. Automatic
confirmation is only available if the display of clear passwords is enabled.
9: Overwrite protection:
If you already have a locked folder
named My Folder, nothing prevents you from creating a new normal folder also
named My Folder. On the other hand, the overwrite protection will prevent you
from overwriting your locked folder by locking the normal folder or vice versa.
It is strongly recommended not to uncheck this box as there would be a risk of
10: No automatic opening:
By default when you unlock a
protected folder, it opens automatically in windows explorer and when you unlock
a protected file it opens automatically in the application provided for this
type file. If this behavior bothers you, you can check this box. Folders or
files no longer open automatically but are simply unlocked.
This button allows you to choose the language in which the program is
displayed: English, French, Spanish, Portuguese.
Respect the read-only attribute:
In principle a file marked read-only should not be able to be
encrypted since this amounts to modifying it. Therefore, WinSesame removes the
read-only attribute from the files it needs to protect. If you have a problem
with this, check this box to force WinSesame to respect this attribute. However,
you can no longer lock files marked read-only.
13: Do not
delete the encrypted archive:
If you choose this option at the end of unlocking, the locked
folder or file is not deleted and you get 2 folders or files. This configuration
is not very useful as the default configuration but can be useful for quickly
accessing the contents of a large locked folder in order to extract a file that
you do not need to edit. You then simply delete the unlocked folder without
needing to relock it since the original is still present. CAUTION: If you delete
files from your hard drive, their location will not be hidden. Do not use this
option if this aspect presents a risk to you.
If this box is checked, when you lock a file or a folder, WinSesame
creates a self-extracting archive containing the encrypted data as well as the
executable necessary to open the data. A WinSesame self-extracting archive can
be opened on a computer or WinSesame is not installed. This function is rarely
used as the default configuration but is useful occasionally from the lock
window to allow you to make a protected copy of a file or folder and send it to
a correspondent without him needing to install WinSesame on his computer (email,
protected download, sharing etc ...) See: The self-extracting
archives WinSesame .
15: Encryption algorithm:
Allows you to
choose the default encryption algorithm that you can of course change at the
level of the lock window. WinSesame has 6 encryption algorithms. Unless there
are special reasons, it is recommended to always use the most powerful WNS1040
algorithm. See: Information on
encryption algorithms .