ClickSoft: Folder Locker — Secure Your Files in Seconds

How ClickSoft’s Folder Locker Keeps Your Data Private

ClickSoft’s Folder Locker protects files by combining access controls, encryption, and secure storage practices:

Encryption and storage

• AES-256 encryption: Files are encrypted on disk with AES-256 before being written to storage, preventing unauthorized reading if the storage medium is accessed directly.
• Local-only encryption keys: Encryption keys are generated and stored locally (not uploaded to cloud services), keeping key material under the user’s control.
• Secure temporary file handling: Temporary files are written to encrypted containers or securely wiped after use to avoid data remnants.

Access controls

• Password protection: Folder access requires a strong master password; incorrect attempts can trigger lockouts or time delays.
• User account integration: Optionally ties access to the OS user account or biometrics (Windows Hello, Touch ID) for additional convenience and security.
• Role-based permissions: Shared folders can be assigned read-only or full-access roles to limit what collaborators can do.

Authentication and recovery

• Two-factor authentication (optional): Adds an extra verification layer via authenticator apps or recovery codes for account-level actions.
• Encrypted recovery options: Recovery keys or hints are themselves encrypted; the app provides secure export/import of recovery tokens.

Secure sharing and collaboration

• Protected sharing links: Shared folders generate time-limited, password-protected links or require recipient authentication.
• Audit logs: Track access events and changes to folders so you can review who accessed what and when.

Anti-tampering and integrity

• Integrity checks: Hashing and signature verification detect tampering or corruption of locked folders.
• Fail-safe lock state: On suspicious activity (multiple failed logins or file tamper), folders can automatically re-lock and alert the user.

Privacy-preserving design

• No cloud telemetry by default: Minimal or no telemetry is sent; when present it’s anonymized and limited to usage metrics.
• No plaintext backups: Backups created by the app keep data encrypted; metadata exposure is minimized.

Best practices for users

1. Use a strong, unique master password and enable two-factor authentication.
2. Keep encrypted recovery keys in a separate secure location (hardware token or offline storage).
3. Regularly update the app to receive security patches.
4. Avoid storing keys or passwords in plain text on the same device.

If you want, I can write a short user-friendly explainer (200–300 words), a technical whitepaper outline, or a checklist for secure setup—tell me which.