I read the guides but I’m still confused about how to change passwords, how they are stored, and what to do if I don’t want passwords stored on the computer. Could someone please help explain to me?
On Duplicacy Web:
I see in .duplicacy-web\duplicacy.json
file in the “credentials” block, values for the storage password (to encrypt the remote config file) and the remote storage login password (e.g. webdav_password).
When I change the master password, or run a backup in Web, these values change in the duplicacy.json file.
- Are these the passwords?
- They’re encrypted with the master password?
- What can I do if I don’t want these to be saved when using Web?
- When I delete the “credentials” block from the duplicacy.json file while Web is running, I can still run a backup, and the “credentials” are rewritten to the file, but with different values than before. Does this mean the passwords are saved in memory while Web is running?
- But if I delete the “credentials” block when Web is not running, they will not reappear, and I can no longer login to the remote storage. How can I reinsert them again?
- How do I change the storage password and webdav_password in Duplicacy Web (similar to previous question)?
- I did not select to save the master password to keyring, so it’s not saved on the computer?
- Can I stop the “save to keyring” from being automatically checked when I login to Web?
I also see .duplicacy-web\keyring
and inside is “encryptionkey”.
- What is this used for?
On Duplicacy CLI
I see .duplicacy-web\repositories\localhost\0\.duplicacy\keyring
where the storage password and webdav_password are listed. They were saved there when I ran a backup in CLI.
- These are encrypted by the specific Windows account?
- But anyone logged into the Windows account has access to the remote storage?
I see that when I delete the keyring file, in CLI, I am prompted for the passwords, and a new keyring file appears. But then I can run duplicacy set -no-save-password=true
, which updates in .duplicacy-web\repositories\localhost\0\.duplicacy\preference
, and I am prompted for passwords on every backup run in CLI. But if I run a backup on Web, the preference no_save_password=false
is updated, and I have to set it again to true.
- Is there a way to stop Web from changing no_save_password every time?
The instruction was confusing for changing the remote storage login password (e.g. webdav_ password) in the keyring file with the duplicacy list -reset-passwords
command.
I eventually figured out that when it asks for Enter the WebDAV password:
, you enter the new login password, and when it asks for Enter storage password:
, you don’t change this password and use the old/current one.
- I could also simply delete the entry from the keyring file and then I will be prompted again for it.
- I was able to successfully change the storage password with
duplicacy -password
command.
Secure the C:\Users\username\.duplicacy-web
folder
- Can I move the .duplicacy-web folder (I guess it would be .duplicacy if only using the CLI, or something else?), to an encrypted container, and then create symlink in
C:\Users\username\
with the same folder name and path to the new location in the encrypted container?
EDIT:
Moving the folder to an encrypted container and then making a directory symbolic link seems to work, even when Windows 10 system environmental variables path for the duplicacy.exe is inside the target folder of the symlink.
C:\Users\username>mklink /d .duplicacy-web E:\duplicacy-secure\.duplicacy-web
Sorry for so many questions, and thanks for the help.