Managing Your Private Encryption Key for Carbonite Safe
- This article is for Windows only
For an added layer of security, Carbonite allows you to manage your own encryption key for Windows during the initial install process. If you choose to manage your own encryption key, Carbonite will prompt you to save a .PEM file, which Carbonite will reference to encrypt your personal files before transmitting them to our servers. Carbonite will not keep a copy of your private encryption key so if you lose it, your backed up data will be unrecoverable by Carbonite. Unless you are experienced at managing encryption keys or have a special need to do so, we strongly recommend that you do not choose this option.
- Customers who choose to manage their own encryption key will not have the ability to use Anytime Anywhere Access, nor can they request Courier Recovery.
While managing your key, you will be the only individual capable of installing the Carbonite subscription associated with it. After Carbonite has been installed with the private encryption key, you can back up or restore any of your files without needing the key unless you need to install Carbonite again.
- If you choose to let Carbonite manage your encryption key for you during the initial installation, you will be unable to manage your encryption key for that computer.
The sections below are collapsed. Please click the section title to open / close a particular section.
If you choose to manage your own private key, we highly recommend that you store at least two separate copies of the key on removable media, and store at least one copy of the key in a separate physical location, such as a safe deposit box.
To manage your encryption key, select the Advanced Settings link at the bottom of the Automatic settings page during the initial installation.
After choosing your initial backup preferences and specifying whether you would like to set a backup schedule, you'll be able to opt to manage your encryption key.
On the Encryption key page, information will be displayed about your Carbonite encryption key. If you wish to manage your key, select the Manage your own encryption key option and click Next.
A page with information about managing your encryption key will be displayed. If you would like to add a password for your encryption key, click Password protect your encryption key and fill out the appropriate fields. If you choose this option, the password will be required to unlock the encryption key file. We recommend that you choose a password that is different than your Carbonite log-in password.
- Remember, if you do not have your private encryption key when it comes time to restore, your backed up data will be unrecoverable by Carbonite.
Then, place a mark in the I understand I will not be able to restore my files if I lose my key checkbox and click Save my encryption key to choose a location to save your private encryption key. We highly recommend you save the encryption key to removable storage.
- If you aren't completely sure whether you should manage your own private encryption key, we strongly recommend that you allow Carbonite to manage the key for you.
A Browse For Folder window will be displayed. Select a location to save the file and click OK.
When a confirmation that the encryption key has been saved is displayed, click Start Backing Up to continue with the installation. If you decide later to let Carbonite manage your key again, you can upload your key through your Carbonite account.
In order to reinstall Carbonite, you will need access to your private encryption key. You will also need to know your encryption key password, if you created one.
During installation, you will be prompted to load your encryption key. To load your encryption key, select Browse... to the right of the Load encryption key field.
Browse to the location of your encryption key. Once selected, click Open.
Once you have selected your encryption key and entered your encryption key password (if applicable), select Load Encryption Key.
If you did not create an encryption key password when you elected to manage your own encryption key, you may leave the Encryption key password field blank and then select Load Encryption Key. After this point, you can reinstall Carbonite Safe as normal.
If you are managing your private encryption key, you will not be able to use the Anytime Anywhere Access or Courier Recovery features of Carbonite. In order to enable these features, your key will have to be uploaded to the Carbonite servers. You can do so with the following instructions:
First, locate your encryption key file. (This is the file that was saved during the installation.) By default, the file is named Carbonite-Encryption-Key.pem
Sign into your account at https://account.carbonite.com.
Once signed in, click the Upload My Encryption Key option in the Computer options menu for the backup whose encryption key you wish to upload.
If a password was specified when your key was created, type it in the space provided and click the Browse button. Then browse to your encryption key file, select the file and click OK.
Click Upload Key File and we will store your encryption key for you.
When your key has been uploaded to Carbonite, you will receive verification that the encryption key has been uploaded successfully.