Perhaps I forgot my back-up password.  So, in typical Macrium fashion, I followed a very odd route to changing it: I did "Edit Defaults -> Backup Password", which is the only password-change operation I could find.

Now, although I know I am using the right password (since I just changed it), I still cannot restore from the latest back-up.  Thus, Macrium is useless to me at this point.  However, on a previous machine about a year ago, I did several restores from Macrium, with no problem.

Did anything change with regard to this?  How to navigate the Macrium Maze on this?  How can I have Macrium use a back-up password that I know?

+x

 

christopherbalz - 2 February 2019 4:06 AM

Perhaps I forgot my back-up password.  So, in typical Macrium fashion, I followed a very odd route to changing it: I did "Edit Defaults -> Backup Password", which is the only password-change operation I could find.

Now, although I know I am using the right password (since I just changed it), I still cannot restore from the latest back-up.  Thus, Macrium is useless to me at this point.  However, on a previous machine about a year ago, I did several restores from Macrium, with no problem.

Did anything change with regard to this?  How to navigate the Macrium Maze on this?  How can I have Macrium use a back-up password that I know?

I thought the "backup password" option per task could apply individually to each backup you perform (i.e. can be set differently for each task).  The default setting is what it should use for new backups created in the future.  If you have already created a backup in the past, with a password, no setting is going to help you without the original password.

As Morph said, if you choose to use a password, you assume responsibility for remembering it.  Also, changing the default password does NOT affect the password of an already created backup definition.  You would have to edit the existing backup definition and select Advanced Options at the bottom of the first page of the edit process and select Password to add, remove or change the password.  However that only applies to creating new backups.  Once you have created a backup using a password, you need to know that password to decrypt it.  If changing a backup definition file could allow you to restore a password protected backup, then anyone with your backup file could set any password they wanted inside of Reflect and access your file.  

I use password protection on the backup files I keep offsite.  I have the password written down and in the same sleeve as the CD that contains my rescue media.  Obviously these comments are too late to help you with your current situation.  You are certainly welcome to blame Reflect for your predicament, but it is just the tool.

Passwords that get set affect FUTURE backups that get created.  If you're trying to access an existing backup, you need to know the password that was used to create the backup in the first place, because the password is the derivation for an encryption/decryption key.  You can't just set a new one in Reflect and expect that to work retroactively to access data encrypted under a different key.  I would also strongly recommend that you do NOT specify a password under Edit Defaults, because that will be applied to ALL future definition files you create (and any backups you create without a definition file) unless you remember to change or remove that password when setting up the job -- which means you're more likely to end up in this predicament again because you might not even realize a backup you created was password protected until much later when you tried to restore it.  Instead, create a definition file, and in the Advanced Options of that specific definition file, specify the password you want to use for backups generated by that specific job.  But passwords set in Edit Defaults or Advanced Options don't come into play during restore scenarios; again, they only come into play when future backups are being created.

If you forgot the password of previous backups, then your data is effectively lost.  There is no "I forgot my password" function in Reflect or almost any other tool that uses local data encryption, because having that "escape hatch" requires you to give some other entity your password or some other ability to decrypt your data. Microsoft and Apple offer this with BitLocker and FileVault, respectively, but since that of course introduces security and privacy concerns, those features aren't used by default even there, and I think it's fair to assume that Microsoft and Apple have much larger cybersecurity budgets than Macrium and therefore might be in a better position to store sensitive user data like that, whereas Macrium might specifically not want that responsibility even if some users wanted them to have it. And that's before considering that storing that type of user data would mean Macrium could potentially end up embroiled in legal conflicts where someone tried to compel them to release that information, and again I suspect Macrium's legal budget is rather smaller than Microsoft and Apple's.

Obviously this doesn't help the current situation, but going forward, if you don't like the idea of writing a password down as @Drac144 mentioned (though there is admittedly a case for writing things down on good old paper as long as it's secured somewhere), I personally use LastPass for things like this.  I was using it anyway to manage my website passwords, but it has a Secure Note feature that allows you to create arbitrary text files that also get stored and synced to the cloud, although the syncing is done in such a way that even LastPass can't decrypt your data, which is why I'm ok using it.  It's also got some other handy features like Emergency Access, which is designed to resolve the quandary of keeping your information confidential and secure while you're alive but making sure your loved ones (or whoever) can get access to it if you're unexpectedly incapacitated or killed, without having to resort to paper that can obviously become outdated.  LastPass has a nice solution to that.

Thanks everyone - I was able to resolve by just creating a new backup.

You know, this brings up an interesting thought for a possible feature request.  Some kind of Password Hint field that can be added to backups.  Then, a user could set some kind of hint like Windows logon accounts do for passwords.


I suppose the backup Comments field could be used for the same thing if a user really wanted to do that, though.