A keyfile is a file that is combined with a password for file encryption. Using a keyfile alongside a password will provide additional security.

You can also use a keyfile instead of a password, but I advise against doing this as keyfiles have to be stored on disk, whereas passwords can be memorised. Using a password as well as a keyfile provides the best security.

Generating & Selecting Keyfiles

To randomly generate a keyfile, click File => Create Keyfile. The generated keyfile will be automatically selected. To select a keyfile, go to File => Select Keyfile.

Randomly generated keyfiles are 64 bytes (512-bits) in size and given a random name followed by the '.key' extension. You can rename keyfiles to whatever you'd like, but do NOT modify the contents of any keyfiles.

WARNING: If you lose a keyfile or the keyfile has been modified, then any files encrypted using the keyfile will not be decryptable.

Why should I use a keyfile as well as a password?

Keyfile Recommendations

I strongly recommend randomly generating keyfiles using Kryptor. Randomly generated keyfiles have a higher entropy than ordinary files, meaning they're more secure.

However, any type of file (e.g. mp3, jpg, zip) can be used as a keyfile as long as it is at least 64 bytes long. This means you can essentially hide your keyfiles by selecting regular files. However, any files you select must NOT be modified.

Keyfiles should be stored on a USB or external hard drive. I recommend keeping several backups of your keyfiles.