FAQ - Secret Space Encryptor
How can I migrate my data to a new device?
Password Vault:
- The password vault has an export/import function (you can choose between a compressed, fully-encrypted .pwv file format and an unencrypted, editable .xml format).
- For Android 6.0 and higher, standard (system-provided) backup/restore features can also be used.
Manual Transfer:
Show more ...
1. Export the vault to a .pwv file (use the "more" button in the password vault application). It will appear in the application's import/export directory.
(Default: [Internal Storage]/SSE/ or [Internal Storage]/Android/media/com.paranoiaworks.unicus.android.sse/ - can vary depending on system/application versions).
2. Copy the file to the import/export directory on your new device.
3. Import the file: Start Password Vault → cancel the password dialog → tap Help me get in! → choose Import Vault → select the file you want to import from the list (names correspond to file names in the import/export directory—if you cannot find your .pwv file, it is not located in the correct directory).
Text + File Encryptor:
These applications work with files, so you can back up/transfer them like any other file. The Text Encryptor's default directory is [Internal Storage]/SSE/Texts/ or [Internal Storage]/Android/media/com.paranoiaworks.unicus.android.sse/Texts/ and ../Steganograms/. The File Encryptor saves a new archive into the same directory where the original (unencrypted) file is located (by default). This destination can be changed in Settings → File Encryptor: Encrypted Files Destination.
IMPORTANT NOTES:
1) You can check/change the current import/export directory in the application settings (Settings → Common Settings: Import/Export Path).
2) ../Android//com.paranoiaworks.unicus.android.sse directories will automatically be deleted (a system feature) when the application is uninstalled (make a backup beforehand, if required).
I forgot my password. Can you help me?
No, there is no backdoor. That's the purpose of the application. All data are encrypted (mathematically altered) using the password. Without the password, you can't reverse the process and reconstruct the original data. We cannot help you. Nobody can. The correct password is the only way.
Why doesn't the application use fingerprints for file/text encryption and password vault access?
All data are fully encrypted (mathematically altered), and there must be an exact encryption key match to perform decryption. Without a 100% correct key, you can't reverse the process and reconstruct the original data. Fingerprints are usually used for authentication - originals are stored somewhere and compared during an authentication process, but the data are only hidden behind that process. There is no reliable way to use fingerprints for encryption (i.e., how to reliably generate a strong encryption key from fingerprints) - only a few unreliable experiments have been conducted so far. Moreover, fingerprints are not secret and cannot be changed. If someone obtains a copy of your fingerprints (which is quite easy for anyone who really wants to—since you literally leave your 'password' on everything you touch), all of your data (past, present, future) will be an open book for them. S.S.E. will NEVER use (directly or indirectly) biometric data for ENCRYPTION purposes.
Why can't I use other application(s) that work with the same ciphers (e.g., AES) to decrypt files/texts?
It isn't only about the encryption algorithm; there are many other factors: encryption mode (CBC, CFB, PCBC, OFB, CRT, CWC, EAX, ...), password processing (KDF - Key Derivation Function), integrity check, file archive type, compression, etc. Detailed format specifications can be found here.
I can't decrypt my data; the application says "Invalid password or corrupted data", but I'm 100% sure my password is correct.
A) Probability—more than 99.9%: Your password really is invalid. Avoid typos when you try to set or enter your password, and remember the correct password for the specific piece of data. Typing errors are quite easy to make on a software keyboard. If you are in an 'incorrect password' situation, please check for missing, swapped, or doubled letters; letters replaced by neighboring keys; or extra neighboring letters added. Try all combinations of keys in the vicinity of your intended key, one by one. It's laborious, but possible in the case of a single-character error—many users have recovered their data using this procedure. Many users who were '100% sure' eventually recalled the correct password after trying various possibilities. Those who believe they never make mistakes sometimes prefer to sacrifice their data to maintain this belief.
B) Probability—low: A hardware failure. The application verifies (decrypts) all data (Password Vault and Text Encryptor) and the header of .enc files after encryption to avoid calculation or memory errors. Most hardware errors (which are unfortunately unpreventable) are caused by storage failures. SD cards are often much less reliable than internal memory (especially certain combinations of devices and SD cards). Internal memory can also fail, but the probability is lower if you buy a decent device. Android is an open platform, and there are many unreliable devices on the market. If you value your data, stay away from them. Also, be sure to always unmount SD cards safely (and other external storage) before removing them.
The application can be easily "cracked" (meaning, gaining PRO version features) by various automatic "patchers". What about the strong ciphers?
The "strong ciphers" and all encryption capabilities of the application have absolutely nothing to do with the anti-piracy protection of the PRO version. There is no (and will not be any) special anti-piracy protection in this application because implementing it would be counterproductive. Applications of this type must be trustworthy, and their strongest attributes are being open source, having a non-obfuscated build, being fully offline if possible, etc. All of these factors conflict with typical anti-piracy measures but make the application much more reliable. Do not mistake these strengths for weaknesses. This isn't primarily a 'money-making' project (it likely wouldn't succeed as one). If someone wants to rely on cracked security apps and has a rooted device full of 'crackers and patchers,' that's their choice, and we accept it.
Is this application quantum-proof?
Yes, this app uses only symmetric encryption algorithms for data encryption with key sizes of 256 bits or more. Symmetric encryption is considered secure even against quantum computers, as these algorithms are not believed to be significantly weakened by known quantum attacks. In contrast, quantum computers pose a significant threat to currently used asymmetric encryption algorithms (like RSA or ECC).
PRO Version License: Can I reuse my purchased SSE PRO license, or do I need to buy it again?
A) Google Play Version: This version can no longer be upgraded to PRO due to changes in Google Play Store policies regarding monetization and developer information requirements (specifically the mandatory publication of phone numbers and addresses), which we find unacceptable.
To upgrade, please install the "F" flavor version, which is completely independent of the Google Play Store and its services.
The "F" flavor version can be downloaded from the following sources:
1) Developer Page
2) F-Droid
Notes:
‣ Install the "F" flavor version directly without uninstalling the original Google Play version. This will preserve all your data and settings.
‣ If you're migrating from the PRO Google Play version to a new device running Android 6.0 or higher, Android's auto-backup feature should reactivate the license. The "F" flavor version can also be activated using the code found under Other Utilities → Activate PRO Desktop (PC) Versions on your old device with the Google Play version. Be sure to save this code for future use.
B) "F" Flavor Version (distributed outside Google Play, activated with a key):
The license is perpetual and can be used on an unlimited number of your own devices (Android + desktop).
Why doesn't Clipboard Cleaner work?
This issue is addressed here.
File Encryptor Specific
My file(s) are still visible after encryption. Is the application not working correctly, or am I doing something wrong?
SSE File Encryptor works like an archiver: a new .enc file is created. You can delete or wipe the original file(s) after the encryption process is completed, or this can be done automatically: Settings: File Encryptor → Wipe Source After Encryption.
My images/videos (or other documents) were encrypted/deleted, but I can still see their thumbnails in my picture viewer/gallery application. What should I do?
Since there are numerous gallery/picture viewer applications available, this issue does not have a universal solution. When a picture file is deleted, your gallery software might still retain its own cached copy (thumbnail), and updating this cache is the responsibility of the gallery software. Thumbnails might be stored (cached) within the gallery software's private data space, meaning other applications do not have permission to access or delete them. A similar issue can occur with other document types if the associated application keeps AutoSave copies or other cached versions.
Android 4.4 and higher: External SD card (or USB drive) is read-only (or not visible). Message: EACCESS (Permission denied).
Android 4.4+ prevents most apps from directly writing to an external SD card, except for preinstalled system apps. The only workaround on Android 4.4 is to root your device and modify permissions. On Android 5+, use SAF (Storage Access Framework).
- button
or 
Search online for more information, using terms like: android 4.4 external card read only
☯ Alternative Method ☯
Try using (or create if it doesn't exist) the following directory on your external SD card:
Android/data/
com.paranoiaworks.unicus.android.sse
or
Android/media/
com.paranoiaworks.unicus.android.sse
These folders are designated for the application, and it should have write permissions within them.
Note: If you uninstall the application, the contents of these specific folders will be automatically deleted by the system. Make a backup beforehand if needed.
Text Encryptor Specific
Text is decrypted even when I change the algorithm in the settings. How is this possible?
You only set the ENCRYPTION algorithm. The DECRYPTION algorithm is detected automatically because information about the algorithm used is stored within the encrypted data format.
The application produces completely different encrypted output each time I tap the encrypt button, even with the same input text and password. Why?
Search your preferred search engine for:
cryptographic salt
Password Vault Specific
What is a KEM Key Pair, and what is it used for?
In the future, this function might be directly integrated with the File Encryptor (and possibly the Text Encryptor), but you can already use it "manually" as a way to securely exchange passwords.
It uses standard asymmetric cryptography techniques, employing modern quantum-resistant algorithms. You can learn more by searching for "key encapsulation mechanism".
In short:
1) Generate a public/private key pair and send the public key to the counterparty with whom you want to share encrypted texts / files.
2) The counterparty uses your key to generate a shared secret, the encapsulated version of which they send to you.
3) Use your private key to extract the shared secret - both parties now have a securely exchanged password (shared secret) which you can use for encryption.
Other Questions
While there's no such thing as a bad question, some questions are better directed elsewhere, or the manner of asking could be improved. This section provides examples.
How do I charge my phone? How do I run applications? What should I do if my phone falls into the toilet? etc.
Please use a search engine (like DuckDuckGo or Google) for these types of general questions. We are not a general Android support service, a training center for other developers' applications, nor the manufacturer of your phone.
I need someone to chat with about various topics, and your email address is as good as any.
For general chat or unrelated questions, consider using services like ChatGPT. You can ask it anything you want, even the same thing over and over again, without it losing patience with you.
You [expletive] piece of [expletive], when are you going to implement X/Y in your [expletive] application!???
If your request for feature X/Y is phrased in this manner, we can assure you it will not be prioritized based on this feedback alone.