Deleting your account.
If you for some reason want to delete your account:
Use the Crypho desktop app or a web browser to access https://app.crypho.com
Once logged in, click your name and profile image in the top right corner to expand the menu. Then select “My profile”.
Your profile shows you a button with the option to delete your account.
Deleting your account means:
No. Anyone who joins Crypho is automatically joined with a free personal account. There are no restrictions on who you can connect to.
There are no ads or tricks. Our revenues are based on business contracts.
We make it is easier for our customers to communicate with people outside their company by offering free personal accounts.
The personal accounts have some limitations compared to the paid accounts.
Personal accounts can only own one group each. They also have limitations on the file size that can be shared.
See the accounts and pricing page for details on the different types of accounts.
Personal accounts are free. They have some limitations.
Business accounts, however, have paid subscriptions with more features. See the pricing page for details on the different types of accounts.
When you exceed the limits of a free account, that information will be shown on your screen.
End-to-end encryption ensures that only you and the person you’re chatting with can access your messages. The messages (and files) are encrypted on your device with a key that is only shared between you and the recipient.
Only the designated person can decrypt and read the message. Even if messages are transmitted though Crypho’s servers, there is no way for anyone to decrypt and read them, as the keys are only available to the end users.
This is also the case with shared files.
All encryption and decryption happen on the client (i.e inside your mobile phone or computer).
Your encryption keys are never shared with anyone else. Therefore, no encryption or decryption can happen on our servers.
Crypho uses well known and tested encryption algorithms:
Read more about Crypho’s security and encryption in the Security section of Cryhpo’s documentation.
Crypho is an end-to-end encrypted messaging app with file sharing. It lets you communicate with others while keeping your information encrypted and confidential.
Crypho is available as a mobile app for Android and iOS, a desktop app for Windows and Mac OS, and a web app for quick access through a normal web browser.
Yes. We recommend using Crypho from both mobile and desktop for the best experience. You can connect multiple mobile devices or multiple desktops.
You can always access Crypho through a web browser by visiting app.crypho.com.
You don’t have to do anything special to secure your Crypho communication.
All communications in Crypho is encrypted end-to-end. No exceptions. There is no way to switch to insecure or unencrypted communication.
What sets Crypho apart from similar systems is the uncompromising focus on security and end-to-end-encryption. All data is end-to-end encrypted without Crypho or anyone else having access to the encryption keys.
There is no way for Crypho or a third party to gain access to any of the data. Even if the data is intercepted, stolen or seized, it is worthless without access to the members’ keys.
To get notifications about new messages when you are offline, you should:
The web app can not inform you of new messages when you are offline.
Yes. Crypho is Open Source and so is all the cryptography used in it. The source code is available on GitHub at github.com/crypho.
Yes. Pro accounts have a Download transcript option within the conversation options menu, for downloading a plain text transcript of an entire conversation history.
You can use Crypho on the web from all modern web browsers: The latest versions of Chrome, Firefox, Safari, Edge, Opera and Vivaldi all work.
We are not longer able to support Internet Explorer.
If you do not have access to a supported browser, we recommend you download and install the Crypho app.
Yes. Completely and unrecoverably.
Where other systems often just mark a file as deleted, we immediately wipe it from disk.
You can chat and share with anyone who is your contact and anyone who shares a group with you.
For someone to be your contact, you must invite them (inside the app) and they must accept the invitation.
Invitations happen from inside the app and are sent as a link through email.
Crypho is for organisations that have higher-than-normal security requirements, either from security concerns or from compliance requirements. Typical users are from the financial industry, the energy sector, enterprises, government and law-enforcement sectors — as well as small companies with security requirements.
We recognize that individuals also have the need for secure communications. We offer personal accounts for free.
No-one else can see which groups you are a member of, except the groups you share with them directly.
Example: Let’s assume that you are a member of Group A and Group B, and Anna is a member of Group B. Anna can see you in Group B as you are both part of it, but there is no way for her to know that you are a member of Group A, or even that Group A exists.
A group conversation is a persistent chat room and shared file folder available exclusively to invited members of the group. Groups are never announced publicly or visible to anyone beyond its members. Only invited members have access to the group conversation, know of its existence, and see who else is a member.
The person who creates the group is the group owner. The owner can add and remove other members.
The owner can also promote other members to operator. The operator can also add and remove members.
Only the owner can delete the group.
To create a group, click the + button in the main screen. You will be presented with a panel that allows you to choose among your contacts who to add to the group. If you want to invite people to the group that are not your contacts, invite them to be your contacts first.
The Group members field has a search. Start typing, and you will immediately be presented with matches among your contacts.
Anyone can create groups. Free accounts have a limitation on the number of groups.
First and foremost: Since all content in Crypho is encrypted with keys that only our customers hold, none of the content shared by our customers can be surrendered to authorities, regardless of warrants.
Crypho can not grant access to anyone to read your encrypted messages or files or be forced to install back doors.
There may however be cases where we are presented with legal requirements to share other information with government authorities. This is described in detail in our law enforcement policy and and transparency report page.
Crypho AS will not share customer data with any authorities unless compelled to do so by law. This means a request from a Norwegian court approved by a judge.
Crypho is subject to Norwegian law only. Foreign agencies with requests for information should direct their requests to the Norwegian police. We cannot comply with foreign requests that are not supported by a Norwegian court order.
Crypho’s servers are located in Norway in northern Europe.
One of the mechanisms in the login uses time-based codes. For example, if the clock on your mobile phone is one minute wrong, you will not be able to log in.
Turning on the automatic update of the clock on your mobile phone will fix this.
A recovery key is a mechanism that enables you to recover your account and content if you should forget your passphrase some time in the future.
Read how to create and use a recovery key in the documentation section.
You can request a passphrase reset on the login form in the desktop client or on app.crypho.com/login.
If you have previously created a recovery key, using this will allow you to retain your contacts, groups and shared content.
If you do not have a recovery key, you will be able to reset your passphrase as long as you have access to your two-factor authentication codes.
When you reset your passphrase this way, new encryption keys will be generated, and you will lose access to your existing messages, files, contacts and groups. Your contacts will be informed that you have re-set your passphrase and your keys.
You can read more about how to reset your passphrase on our page about passphrase recovery.
A passphrase is like a password only longer: words and characters that you enter to let the app know that the person typing is you.
Crypho also uses your passphrase to form a cryptographic key that is used for fetching other encrypted keys from our servers. It is therefore important that you use a strong enough passphrase. The simplest way of making your passphrase strong is to make it longer.
We recommend using at least three words, for example a short sentence.
When you reset your passphrase without a recovery key, new encryption keys will be generated, and you lose access to your contacts and groups.
Your existing contacts will be informed that you have re-set your passphrase and your keys, and must re-confirm you as a contact.
This is partially a security measure to avoid account fraud. It is also a result of the technical design of the cryptographic key exchange.
Since Crypho does not have access to your cryptographic keys, there is also no way for us to accesss your existing content. Since we cannot see it, we also cannot give you access to it.
In order to avoid losing access to your groups when resetting your passphrase, make sure to create a recovery key.
In order to keep your keys secure, Crypho must use encrypted storage space on your phone. This space is unavailable to the app unless your phone is protected with a pin, password or fingerprint. Android lock patterns, however, are not secure enough and will not allow the app to unlock the secure storage.
This is a limitation imposed by the Android operating system.
Crypho is primarily designed as a business tool and not for providing anonymity.
Crypho records as little data about you as possible, and does not share it with others. We can still not guarantee 100% anonymity.
No.
People can only see:
No one else can see who is in your contacts list.
We have no access to any of the content you share with others.
We store basic information about your account, such as your email address and phone number.
There is also meta-information about who your contacts are and what groups you are a member of.
We keep all of this information completely confidential.
We need your phone number in order to send you your 2-factor authentication tokens. We never share your phone number with others, nor do we use it for anything apart from sending you security codes.
If you were in the process of registering an account (on desktop or web) and didn’t complete your registration, you have no 2-factor authentication configured. Thus, you will not be able to log in.
To remedy this, simply click the original link you were sent in your registration email. Either from when someone invited you or when you received an email to confirm your email address.
You should promptly be taken to the correct stage in the sign-up-process, and able to complete the form.
In addition to the passphrase, you also need a time based security code for Crypho’s two-factor authentication. The two-factor authentication ensures that even if someone gets hold of your passphrase, they still cannot access your account.
In addition to something you know (your passphrase), you also need something you have (usually your phone or your computer).
Once you have linked your account to your phone, there is no need to enter the code. The security code is valid for 60 seconds. If you wait too long, you will have to request a new code.
If you have none of the options above available, you will effectively be locked out of your account. The only option left is to delete your account and re-register.