-
Notifications
You must be signed in to change notification settings - Fork 16
4. Migration and Backups
Before a vault is unlocked, its configuration files are read — including the version it was created with. If the vault uses outdated features, a migration prompt will appear. You can then choose to migrate the vault to the next major version by entering your credentials within the app.
Warning
Migrating a vault will modify its configuration files and, in some cases, the encrypted data itself. Always create a backup before starting the migration process.
To access your vault, its configuration version must match the format supported by SecureFolderFS. If migration is available, you must complete it to continue. Alternatively, you can downgrade to an older version of SecureFolderFS that supports your current vault format.
If the app cannot read the vault configuration and does not offer a migration option, you may be using an outdated version of SecureFolderFS. In that case, please update to the latest version.
- Added support for Base4K name encoding to combat long file names
- Added support for the Recycle Bin feature
- Added support for Android Biometrics authentication
- Added support for Face ID and Touch ID authentication
- Added support for complementing the configured first-stage authentication method
- Dramatically improved unlocking performance thanks to adjusted Argon2id KDF parameters
- Added support for Key File authentication
- Added support for Windows Hello authentication
- Added support for the second-stage login method
It is strongly recommended to regularly create and manage backups of the data stored in your vaults. While data loss due to file system engine errors is extremely rare, having up-to-date backups can be invaluable in the event of unexpected corruption or hardware failure.
When backing up your vault, keep in mind that configuration files keystore.cfg, sfconfig.cfg, and similar contain keys protected by your current credentials. If you later change your credentials in the active vault, the credentials stored in the backup will remain unchanged unless you update them as well.
Neglecting this may introduce a security risk, as older credentials could become a potential attack vector if the backup is leaked or compromised. Always treat configuration file backups with the same level of protection as your vault data.
You may choose to use any external data backup apps. Your data can be backed up to a cloud storage, external devices, or other storage drives.
The authors of SecureFolderFS do not endorse any specific solutions offered by third parties. Use at your own discretion.
Tip
When using a backup tool, ensure it captures both encrypted content and configuration files. Omitting any part may result in unusable backups.