Security First

Built from the ground up with privacy and security in mind. Your data stays yours, always.

Zero Knowledge Architecture

File Fortress never sees your files. Our local CLI approach means your data stays on your device, always.

Core Security Features

Multiple layers of protection for your data.

End-to-End Encryption

AES-256 encryption protects your data. All your file metadata is encrypted using industry-standard encryption before any processing. Encryption keys are generated and stored locally on your device.

Local Processing

Your data never leaves your device. Unlike cloud-based solutions, File Fortress processes everything locally. Your files, file names, and directory structures remain completely private.

Zero Knowledge

We can't see your data, even if we wanted to. Our zero-knowledge architecture means we have no access to your file contents, names, or metadata. Your privacy is guaranteed by design.

Remote Storage Encryption

FileFortress supports encrypted remote storage, allowing you to work with cloud files encrypted by RClone, Cryptomator, or other encryption tools. When you scan encrypted remotes, FileFortress automatically decrypts file and folder names so you can search and organize your encrypted files seamlessly.

Three Encryption Modes
  • RClone Crypt - Standard: Strong cryptographic encryption, fully compatible with RClone
  • RClone Crypt - Obfuscate: Light obfuscation for non-sensitive data (NOT secure)
  • AES-256-CBC: Custom FileFortress encryption with industry-standard AES-256

Remote encryption is available on Standard tier and higher. Upgrade your subscription to unlock this feature.

Read the Remote Encryption Guide

You Control Your Local Data Encryption

Your local file index is always encrypted. You choose the method.

Automatic Encryption

Default

By default, FileFortress uses automatic, machine-specific encryption. The encryption key is securely bound to your device.

  • No password to remember or type
  • Seamless and secure for single machine use
  • Configuration not easily portable to other devices

Custom Password

Portable

You can provide your own master password during initialization. This password encrypts your entire local configuration.

  • Configuration is portable to other devices
  • Full control over the encryption key
  • Option to use a --key-file for convenience

How We Protect Your Data

Local CLI Application

All file analysis happens on your device using our command-line interface. No file data is ever transmitted to our servers.

Client-Side Encryption

Encryption keys are generated locally and never shared. Only encrypted metadata hashes are processed for duplicate detection and organization.

Minimal Cloud Permissions

We only request read-only metadata access to your cloud storage. We cannot download, modify, or delete your files.

Industry Standards

We use TLS 1.3 for all communications, OAuth 2.0 for secure authentication, and follow OWASP security guidelines.

Technical Security

  • AES-256: Military-grade encryption for all data at rest
  • TLS 1.3: Latest transport layer security for data in transit
  • PBKDF2: Password-based key derivation with salt
  • OAuth 2.0: Secure authentication without storing passwords
  • SHA-256: Cryptographic hashing for file integrity

Privacy Guarantees

  • No File Storage: We never store your actual files
  • No Content Access: We cannot read your file contents
  • No File Names: We don't see your file or folder names
  • No Tracking: We don't track your browsing or usage
  • No Third Parties: We don't share data with advertisers

What We Store on Our Servers

Transparency about our minimal data collection.

We Care About Your Privacy

File Fortress keeps minimal data on our servers - only what's absolutely necessary for account management and subscription limit enforcement.

Your Name and Email Address

Required for account authentication, login, and essential communication.

Device Names

The names you choose when registering devices to your account.

Number of Remote Storage Accounts

A count of connected cloud storage providers (not their names or contents).

Why We Collect This Data

This minimal information allows us to manage your account and ensure you stay within subscription tier limits. That's it - there is no other purpose.

Compliance & Standards

GDPR Compliant

Full compliance with European data protection regulations.

SOC 2 Ready

Following SOC 2 Type II security and availability principles.

ISO 27001

Implementing information security management best practices.

Questions About Security?

We're transparent about our security practices. If you have specific questions about how we protect your data, we're here to help.

Security FAQ Contact Us