How AxCrypt stores decrypted copies on Your drive... Is VeraCrypt the same?

[mike]

Hi
Just found out how AxCrypt is not safe and want to make sure that in case of hardware problems or system failure or suddenly USB drive is removed form the PC that these things won`t happen. Please read what happened while using AxCrypt.

So I was using a USB bootable drive where had a fresh Windows 10 system installed.  I was booting my WIN 10 from pen drive and using it on different PC. I downloaded and started using AxCrypt as was described on many forums and websites as one of the best encryption software. Yes, its easy to use and Yes seemed fine. But not anymore. 

So I had quite a few files encrypted but what I was really important that was one .txt file with my passwords, btc wallet addresses, and passwords, some personal sensitive information, etc.  So that one file was everything to me and didn't want anyone unauthorized to access it. Everything was fine as I thought and one day I inserted another pen drive while running OS from a pen drive and wanted to format it but by accident ticked the one that had my OS on it. There was an attempt to format and then after 2sek, my OS crashed.  I was terrified as there was a lot of my savings on these accounts. And the thing is in that OS i had AxCrypt installed under some burner email as I didn`t know if it's safe to give Yours as it might be accessed and then... You understand my worries. So I didn't remember what my AxCrypt email/id was I just knew the password so wanted to recover some information from AxCrypt folder hoping I will find some files with email I used. First I had to use MiniTool recovery software to recover partition and then started looking... I came across AppData than Local than AxCrypt and than some subfolders. In one of the subfolders, I found the file I was using decrypted. The last date modified on that file was a day before from the system crash. Even though from that date I accessed that file many, many times.  I was happy I got all my passwords and notes etc, etc but at the same time terrified that my data wasn't protected for all that time. 

SO MY CONCLUSION is that AxCrypt MIGHT work and protect Your files but DEFINITELY WON'T PROTECT YOUR FILES WHEN SOMEONE HAS PHYSICAL ACCESS TO YOUR DEVICE, IT BECOMES USELESS.

Even if the file was created at the time of the system crash (which wasn't because was created over 24h before) it DOES NOT matter. I would and many of users already agreed with me, prefer to lose the latest information which hasn't been saved than let to store for such a long time an unencrypted copy of that file where anyone who has access to the device can access it.  That makes no sense. And just to mention there were 4 more subdirectories with files I haven't used in weeks - also decrypted. 

So I feel that information should be available to people who want to use this software to warn them that if they are using it on their laptop or USB drive which can be stolen/lost/accessed at work etc, etc, they should be aware that there are copies of their files that can be easily accessed by anyone with minimum knowledge how to use a PC.

Of course, I will never use AxCrypt for anything that is valuable maybe in case I don't want my kids to access something but any other case there is no way after discovering that my encrypted files with strong password are easily accessed without any effort. 

So why AxCrypt keeps unencrypted copies of files for weeks?? And to make it really easy in AxCrypt folder? Why users don't know anything about it? 

[Kurt Fitzner]

AxCrypt is a file encryptor. It does not encrypt partitions or drives. It does not encrypt the swap space that Windows uses, and it does not encrypt temporary files. Many times when a text edititing program opens a file it creates a temporary file to work on. The directory you were looking at was likely C:\Users\<you>\AppData\Local\Temp, which is where the operating system puts temporary files for each user. This is not AxCrypt keeping around unencrypted copies. This is the operating system.</you>

VeraCrypt can be set up a little differently. You can use it to encrypt your entire boot partition. That means that everything, including swap space and temporary files, are also encrypted.

Any kind of encryption other than full boot disk encryption on Windows is, if you ask me, futile. You can't control what programs are going to use a temp file. You can't control when the operating system will swap memory out to disk. But if your whole boot drive (and any extra data drives you may have) is encrypted, then this doesn't matter.