Carbonite Support > Managing Your Private Encrypti...

Our product offerings have been renamed. Carbonite Home Backup is now Carbonite Safe Backup, and Carbonite Office Backup is now Carbonite Safe Backup Pro.

On May 22 and May 24, we will be performing scheduled server maintenance which will temporarily prevent some of our users' backups and restores from progressing. Please rest assured that all backed up data will remain safe. The maintenance will complete within 24 hours, and any affected users will return to normal operation at that time. We appreciate your patience and apologize for any inconvenience this may cause.

Managing Your Private Encryption Key for Carbonite Safe

  • This article is for Windows only

For an added layer of security, Carbonite allows you to manage your own encryption key for Windows during the initial install process. If you choose to manage your own encryption key, Carbonite will prompt you to save a .pem file, which Carbonite will reference to encrypt your personal files before transmitting them to our servers. Carbonite will not keep a copy of your private encryption key so if you lose it, your backed up data will be unrecoverable by Carbonite. Unless you are experienced at managing encryption keys or have a special need to do so, we strongly recommend that you do not choose this option.

  • Customers who choose to manage their own encryption key will not have the ability to use Anytime Anywhere Access, nor can they request Courier Recovery.

While managing your key, you will be the only individual capable of installing the Carbonite subscription associated with it. After Carbonite has been installed with the private encryption key, you can back up or restore any of your files without needing the key unless you need to install Carbonite again.

  • If you choose to let Carbonite manage your encryption key for you during the initial installation, you will be unable to manage your encryption key for that computer.

The sections below are collapsed. Please click the section title to open / close a particular section.

Managing Your Private Encryption Key

If you choose to manage your own private key, we highly recommend that you store at least two separate copies of the key on removable media, and store at least one copy of the key in a separate physical location, such as a safe deposit box.

To manage your encryption key, select the Advanced Settings link at the bottom of the Automatic settings page during the initial installation and click Next.

Install options

After choosing your initial backup preferences and specifying whether you would like to set a backup schedule, you'll be able to opt to manage your encryption key.

On the Encryption key page, information will be displayed about your Carbonite encryption key. If you wish to manage your key, select the Manage your own encryption key option and click Next.

Manage Encryption Key

A page with information about managing your encryption key will be displayed. If you would like to add a password for your encryption key, click Password protect your encryption key and fill out the appropriate fields. If you choose this option, the password will be required to unlock the encryption key file. We recommend that you choose a password that is different than your Carbonite log-in password.

  • Remember, if you do not have your private encryption key when it comes time to restore, your backed up data will be unrecoverable by Carbonite.

Then, place a mark in the I understand I will not be able to restore my files if I lose my key checkbox and click Save my encryption key to choose a location to save your private encryption key. We highly recommend you save the encryption key to removable storage.

Save Encryption Key
  • If you aren't completely sure whether you should manage your own private encryption key, we strongly recommend that you allow Carbonite to manage the key for you.

A Browse For Folder window will be displayed. Select a location to save the file and click OK.

Save Encryption Key

When a confirmation that the encryption key has been saved is displayed, click Start Backing Up to continue with the installation. If you decide later to let Carbonite manage your key again, you can upload your key through your Carbonite account.

Uploading Your Private Encryption Key

If you are managing your private encryption key, you will not be able to use the Anytime Anywhere Access or Courier Recovery features of Carbonite. In order to enable these features, your key will have to be uploaded to the Carbonite servers. You can do so with the following instructions:

First, locate your encryption key file. (This is the file that was saved during the installation.) By default, the file is named Carbonite-Encryption-Key.pem

Carbonite Encryption Key

Sign into your account at

Sign In

Once signed in, click the Upload My Encryption Key option in the Computer options menu for the backup whose encryption key you wish to upload.

Upload Your Encryption Key page

If a password was specified when your key was created, type it in the space provided and click the Browse button. Then browse to your encryption key file, select the file and click OK.

Click Upload Key File and we will store your encryption key for you.

Upload Your Encryption Key page

When your key has been uploaded to Carbonite, you will receive verification that the encryption key has been uploaded successfully.

Key Succesfully Uploaded