Hi Ian,
Good to hear that! Just storing the .encfs6.xml files in a central place is not enough in case a user forgets his password. BoxCryptor uses two keys:
a) Master Key: It's derived from the password.
b) Volume Key: Generated randomly when you create a new BoxCryptor Folder. Actually used to encrypt/decrypt all files within the BoxCryptor Folder.
The Volume Key is stored in the .encfs6.xml, but in order to protect it from third-parties, it is not stored there in plaintext. BoxCryptor uses the Master Key to encrypt the Volume Key and then stores the result in the .encfs6.xml file.
--> So if you have the .encfs6.xml file you still need to know the password (=Master Key) to get access to the Volume Key.
If you don't want the central point to know the actual password used, you could do the following:
1) User creates a new BoxCryptor Folder and uses a strong, random password (PW_RAND)
2) User sends the .encfs6.xml file together with the random password (PW_RAND) to the central point. (Communication must be secure, because this information can be used to decrypt the files!)
3) User uses the "Change Password" feature in BoxCryptor to use a password of his choice (PW_USER).
4) Setup is complete and the user can start encrypting his files.
If the user then forgets his password or the .encfs6.xml file gets lost or damaged, you can restore the .encfs6.xml from the central point and open the BoxCryptor Folder using the random password (PW_RAND). Still, the central point does not know the actual password of the user.
I hope I could help you. Don't hesitate to ask if you need more input.
Best,
Robert
