NewSupport for the updated client-side encryption (use of keys of length 4096 bit instead of 2048 bit)

The DRACOON Web App 6.0 now supports 4096-bit keys for client-side encryption, which ensures continued security for the long term.

In order for the new key lengths to become active, users must enter their decryption and emergency passwords (the latter only applies to room administrators and configuration managers) once again in the web app—until then, the existing 2048-bit keys will automatically continue to be used. Users will see a task in the upper right corner to enter their encryption password:

Users of DRACOON for Windows/Mac version 4.3 or later who have stored their decryption password there may not be prompted to re-enter the decryption password in the web app because the conversion to the 4096-bit file keys could already be done automatically by DRACOON for Windows/Mac with the stored decryption password.

After clicking the task, users get a short introduction, and they can enter their existing decryption password or change it on this occasion—in both cases, the new key lengths will become active:

Room managers are prompted to re-enter the room emergency password when entering an encrypted room so that it can also be changed to 4096 bits.

Configuration managers will see an additional task after logging in to re-enter the system-wide emergency password to change it to 4096 bits.

Learn more about the updated client-side encryption

NewOption for configuration managers to distribute missing files keys

Sometimes authorized users do not yet have access to encrypted files, e.g. if they have recently set or changed their decryption password or if they have recently been granted access to an encrypted data room with lots of files—in these cases, they may need to wait a while before they can (re-)open all encrypted files.

Starting with version 6.0 of the DRACOON Web App, this waiting time can be shortened by having configuration managers participate in the distribution of the required file keys. This even works if the configuration manager has no permission to access a specific data room.
If applicable, configuration managers will see a task in the upper right corner that some users need file keys for encrypted files and therefore the system-wide emergency password should be entered, which can then be used to provide the required file keys to the users. (This only works for data rooms that have been secured with the system-wide emergency password).

This new feature can allow users to (re)gain access to encrypted files more quickly.

NewOption to change the system-wide emergency password

The system-wide emergency password can be used to decrypt encrypted files if users have forgotten their personal decryption password (provided the data room in question was secured with the system-wide emergency password). Previously, the system-wide emergency password, which the configuration manager had set when allowing encryption for the DRACOON environment, could not be changed later. If the password was lost, it could no longer be used for emergency file recovery. For this reason, the system-wide emergency password can now be changed at any time under Settings > Security > Forgot password?

NewExtensive policies for passwords and login

Until now DRACOON included only two policies (selectable rules) for passwords. The new version 6.0 of the DRACOON Web App now offers extensive password policies under Settings > Policies. Configuration managers can define these policies according to their individual security requirements. The policies can be set separately for login, sharing, and decryption passwords.

When clicking the Enforce new login password button, all active users are logged off immediately and must choose a new login password.

When setting passwords, users are always notified of the policies in effect. This simplifies the selection of compliant passwords, as it is immediately apparent during the input of the password which requirements the password must still meet:

In addition, the new version 6.0 of the DRACOON Web App offers four new login policies that can be used to specify, for example, that a local user account is locked for x minutes after x failed login attempts.

• The defined policies apply to all DRACOON clients, such as DRACOON for Outlook or DRACOON for iOS.
• Policies for login passwords only apply to direct login to the DRACOON environment. If the users are authenticated via Active Directory or OpenID Connect, the DRACOON policies for login passwords do not apply (the password policies defined in Active Directory, for instance, are already effective then).

NewFaster adding of users/groups to multiple data rooms

A new administration interface makes it possible to authorize users and groups to multiple data rooms with just one action. This makes adding users and groups to numerous data rooms more convenient and significantly faster because permissions no longer have to be assigned separately for each desired data room.

In the first step, you choose the data rooms to which you want to assign users/groups, in the second step you select the relevant users/groups—done!

NewSeparate notification for each file request possible

Previously, the creator of a file request could be notified by email by activating the notification about newly uploaded files in the corresponding data room—but this way he was notified about all files uploaded to the data room, including those that were not uploaded via the file request.
In the new version 6.0 of the DRACOON Web App, the notification can now be activated just for a specific file request—via the bell button, as it was already possible for shares.

In the overview of existing file requests, the notification can be activated or deactivated later if necessary.

NewModification date of a file refers only to the file contents

The modification date of a file now no longer changes if the file is renamed or its expiration date, classification, or annotation is changed. The modification date of a file now always shows the last change to the actual contents of the file. This makes it easier to identify if and when the contents of a file were last edited.
Of course, changes to the metadata of a file are still logged in the audit log with a timestamp.

NewExpiration date, classification, and favorite status can be set for multiple files at once

Until now, if you wanted to set the expiration date or classification of multiple files, the change had to be made for each file individually—file by file. Now, the change can be made for multiple files in one step: Just select the desired files, and then set the expiration date or classification once.

NewRemoval of expiration date with just one click

If an item has an expiration date, it can now be removed quickly and easily if necessary: Just click the new X button next to the date. Previously, an existing expiration date had to be deleted character by character by using the keyboard to remove it.