Backup & Recovery Guide

THIS IS THE MOST IMPORTANT DOCUMENTATION YOU WILL READ.

Your vault file contains all your passwords. If you lose it without a backup, your passwords are gone forever. There is no password recovery, no cloud backup, and no way to retrieve your data.

5-minute summary: Make at least 2 backup copies of your .vault file in different locations (external drive + cloud storage). Test restoring from backup once per month.

Table of Contents

• Why Backups Are Critical
• What to Backup
• The 3-2-1 Backup Rule
• Backup Methods
• Cloud Storage (Recommended)
• Automated Backup Solutions
• Manual Backup Procedure
• Testing Your Backups
• Recovery Procedures
• Disaster Recovery Scenarios
• Backup Security
• Common Mistakes
• Backup Checklist

Why Backups Are Critical

The Harsh Reality

CoraleVault has no password recovery mechanism by design. This is a security feature, not a limitation:

• Your master password is never stored (not even encrypted)
• Your vault data is encrypted with keys derived from your password
• Without your password OR your vault file, your data is lost forever
• We (the developers) cannot help you recover lost data

What Can Go Wrong

Common data loss scenarios:

1. Hard drive failure

   • All hard drives fail eventually
   • SSDs can fail suddenly without warning
   • Average lifespan: 3-5 years

2. Accidental deletion

   • Deleted vault file
   • Formatted wrong drive
   • Cleaned up “old files” by mistake

3. Ransomware/malware

   • Encrypts your files (including vault)
   • Deletes files
   • Corrupts data

4. Hardware theft or loss

   • Laptop stolen
   • Phone lost
   • Computer damaged (fire, flood, etc.)

5. Software bugs

   • Corrupted vault file during save
   • Cloud sync conflicts
   • Operating system crash during write

6. Forgotten master password

   • Can’t access vault even though file exists
   • No password = no access (by design)

Every single scenario above is preventable with proper backups.

What to Backup

Essential: Your Vault File

The one file you MUST backup:

• Your .vault file (e.g., passwords.vault)
• This contains ALL your encrypted passwords

Where to find it:

• You chose the location when creating it
• Common locations:
  • Windows: C:\Users\YourName\Documents\passwords.vault
  • macOS: /Users/YourName/Documents/passwords.vault
  • Linux: /home/yourusername/Documents/passwords.vault

Important: Your Master Password

You must remember your master password. Consider:

1. Write it on paper

   • Store in safe, locked drawer, or safety deposit box
   • NEVER store digitally unencrypted

2. Give copy to trusted person

   • Spouse, parent, adult child
   • In sealed envelope
   • For emergency access if you’re incapacitated

3. Password hint (optional)

   • Store separately from vault
   • Not obvious to others
   • Helps jog YOUR memory only

Optional: Application Installer

If you want to ensure you can always access your vault:

• Download and save the installer for your current version
• Store in same backup locations
• Ensures compatibility if website goes down

The 3-2-1 Backup Rule

Industry best practice:

• 3 - Keep THREE copies of your data

  • 1 primary (your working copy)
  • 2 backups

• 2 - Store on TWO different types of media

  • Example: Computer hard drive + External USB drive + Cloud storage
  • Protects against media-specific failures

• 1 - Keep ONE copy off-site

  • Different physical location
  • Protects against fire, theft, natural disaster
  • Cloud storage counts as off-site

Example 3-2-1 Setup

Copy 1 (Primary):

• Location: C:\Users\You\Documents\passwords.vault
• Purpose: Daily use

Copy 2 (Local backup):

• Location: External USB drive
• Purpose: Quick recovery
• Update: Weekly

Copy 3 (Off-site backup):

• Location: Dropbox/Google Drive/OneDrive
• Purpose: Disaster recovery
• Update: Automatic (cloud sync)

Backup Methods

Method 1: Cloud Storage (RECOMMENDED)

Best for: Automatic, continuous backups

Pros:

• Automatic synchronization
• Version history (can restore old versions)
• Off-site protection
• Multi-device access
• Free (most services offer 2-15 GB free)

Cons:

• Requires internet
• Trust in cloud provider (but vault is encrypted)

Setup time: 5 minutes

See: Cloud Storage Setup below

Method 2: External Drive

Best for: Local control, no internet required

Pros:

• Complete control
• No reliance on internet
• Fast backup/restore
• One-time purchase

Cons:

• Manual process (easy to forget)
• Can be lost/stolen/damaged
• Must remember to update

Setup time: 2 minutes

See: Manual Backup Procedure below

Method 3: NAS (Network Attached Storage)

Best for: Tech-savvy users with home networks

Pros:

• Automatic network backups
• Local control
• Large capacity
• Can serve multiple devices

Cons:

• Expensive ($200-$500+)
• Requires setup and maintenance
• Still on-site (not protected from fire/theft)

Setup time: 30-60 minutes

Method 4: System Backup Software

Best for: Comprehensive system backups

Examples:

• Windows: File History, Windows Backup
• macOS: Time Machine
• Linux: Deja Dup, Timeshift

Pros:

• Backs up everything (not just vault)
• Automated
• Point-in-time recovery

Cons:

• Large storage requirement
• Slower to restore just vault
• Requires setup

Cloud Storage (Recommended)

Your vault file is encrypted, so storing it in the cloud is safe as long as your master password is strong (12+ characters with complexity).

Recommended Services

All of these are safe for encrypted vault files:

Setup: Dropbox

1. Install Dropbox

   • Download from dropbox.com
   • Create free account
   • Install desktop client

2. Move vault to Dropbox folder

   • Close CoraleVault
   • Move passwords.vault to C:\Users\You\Dropbox\ (Windows)
   • Or /Users/You/Dropbox/ (macOS/Linux)

3. Wait for sync

   • Dropbox icon shows syncing progress
   • Green checkmark = synced

4. Open vault from new location

   • File → Open → Browse to Dropbox folder
   • Open passwords.vault
   • CoraleVault remembers this location

Done! Your vault now automatically syncs to the cloud.

Setup: Google Drive

1. Install Google Drive

   • Download from drive.google.com
   • Sign in with Google account

2. Move vault to Google Drive folder

   • Close CoraleVault
   • Move passwords.vault to Google Drive folder
   • Windows: G:\My Drive\ or C:\Users\You\Google Drive\
   • macOS: /Users/You/Google Drive/

3. Verify sync

   • Check drive.google.com
   • Confirm file appears

Setup: OneDrive (Windows)

1. OneDrive is built into Windows 10/11

   • Already installed
   • Sign in: Settings → Accounts → OneDrive

2. Move vault to OneDrive

   • Default location: C:\Users\You\OneDrive\
   • Move passwords.vault there

3. Verify sync

   • Blue cloud icon = syncing
   • Green checkmark = synced

Important: Avoid Sync Conflicts

NEVER open vault on multiple devices simultaneously!

Problem:

• Device A makes changes
• Device B makes changes
• Cloud creates “conflicted copy”
• Data inconsistency

Solution:

1. Always close CoraleVault on one device before opening on another
2. Wait 30 seconds for cloud sync to complete
3. Only use one device at a time

If you get a conflict:

• You’ll see files like: passwords (conflicted copy).vault
• Compare timestamps
• Choose newest version
• Delete conflicted copy after verifying

Automated Backup Solutions

Windows: File History

Built-in to Windows 10/11.

1. Connect external drive
2. Enable File History
   • Settings → Update & Security → Backup
   • Add a drive
   • Select external drive
3. Add vault location
   • File History backs up Desktop, Documents, Pictures by default
   • If vault is elsewhere: More options → Add a folder

Recovery:

• Right-click vault file → Restore previous versions

macOS: Time Machine

Built-in to macOS.

1. Connect external drive

   • macOS asks: “Do you want to use this drive for Time Machine?”
   • Click “Use as Backup Disk”

2. Configure Time Machine

   • System Preferences → Time Machine
   • Turn on Time Machine
   • Select backup disk

3. Automatic hourly backups

   • Runs in background
   • Keeps:
     • Hourly backups for past 24 hours
     • Daily backups for past month
     • Weekly backups until disk is full

Recovery:

• Click Time Machine icon → Browse backups
• Navigate to vault file location
• Select version to restore

Linux: Deja Dup

Easy backup tool for GNOME/Ubuntu.

1. Install

   1	sudo apt-get install deja-dup

2. Configure

   • Search for “Backups” in applications
   • Choose backup location (external drive or cloud)
   • Select folders to backup (include Documents)
   • Set schedule (daily recommended)

3. Enable automatic backups

Recovery:

• Open Backups → Restore
• Select date
• Choose files to restore

Manual Backup Procedure

If you prefer manual control or don’t use cloud storage:

Weekly Manual Backup

Time required: 2 minutes

1. Close CoraleVault

   • Ensures vault file is fully saved
   • Prevents file locks

2. Connect external drive

   • USB drive, external HDD/SSD

3. Copy vault file

   • Navigate to vault location
   • Right-click passwords.vault → Copy
   • Paste to external drive

4. Rename with date (RECOMMENDED)

   • Helps track backup versions
   • Example: passwords-2025-11-04.vault
   • Keep last 4-8 backups (monthly rotation)

5. Verify copy succeeded

   • Check file size matches
   • Try opening backup in CoraleVault (to test integrity)

6. Store drive safely

   • Locked drawer, safe, or off-site location

Example Backup Script

Windows (PowerShell):

1
2
3
4
5
6

# backup-vault.ps1
$source = "C:\Users\You\Documents\passwords.vault"
$destination = "D:\Backups\passwords-$(Get-Date -Format 'yyyy-MM-dd').vault"

Copy-Item $source $destination -Force
Write-Host "Backup created: $destination"

macOS/Linux (Bash):

1
2
3
4
5
6
7
8

#!/bin/bash
# backup-vault.sh

source="$HOME/Documents/passwords.vault"
destination="/Volumes/Backup/passwords-$(date +%Y-%m-%d).vault"

cp "$source" "$destination"
echo "Backup created: $destination"

Run weekly:

• Windows: Task Scheduler
• macOS/Linux: cron

Testing Your Backups

CRITICAL: A backup you haven’t tested is not a real backup.

Monthly Backup Test

Test procedure (5 minutes):

1. Find your backup

   • External drive, cloud storage, etc.

2. Copy backup to test location

   • Desktop or Downloads folder
   • Don’t modify original backup

3. Open in CoraleVault

   • File → Open
   • Select backup copy
   • Enter master password

4. Verify data

   • Check recent entries exist
   • Check a few passwords
   • Everything should be present

5. Delete test copy

   • Remove from Desktop/Downloads
   • Keep original backup untouched

If test fails:

• Try other backups
• Investigate why backup is corrupted
• Fix backup process immediately

What to Test

• Can you locate your backup?
• Is backup file size reasonable? (not 0 bytes)
• Can you open it with correct master password?
• Is data complete and uncorrupted?

Recovery Procedures

Scenario 1: Accidentally Deleted Vault

Immediate actions:

1. Don’t panic

2. Don’t write anything to disk (reduces chance of overwriting)

3. Check Recycle Bin / Trash

   • Windows: Recycle Bin
   • macOS: Trash
   • Linux: Trash folder

4. If not in Recycle Bin:

Windows:

1
2

# Check for shadow copies
Right-click folder → Restore previous versions

macOS:

1
2

# Check Time Machine
Click Time Machine icon → Browse backups

Linux:

1
2

# Check trash
ls ~/.local/share/Trash/files/

5. Restore from backup
   • Copy backup to original location
   • Rename to original filename

Scenario 2: Hard Drive Failure

Your drive is dead. Now what?

1. Don’t panic - You have backups (right?)

2. Get new drive

   • Install new HDD/SSD
   • Reinstall operating system

3. Reinstall CoraleVault

   • Download from /download/
   • Install

4. Restore vault from backup

   • Cloud backup: Download from Dropbox/Google Drive
   • External drive: Copy from USB drive
   • NAS: Copy from network storage

5. Open restored vault

   • Should work immediately
   • All passwords intact

Prevention: This is why you need off-site backups!

Scenario 3: Ransomware Attack

Your files are encrypted by malware.

1. Disconnect from internet immediately
2. Don’t pay ransom (rarely works)
3. Wipe and reinstall OS (safest option)
4. Restore from backup
   • Cloud backup: Should be unaffected (if ransomware didn’t sync)
   • External drive: Should be unaffected (if disconnected)
   • Check backup dates (restore from before infection)

Prevention:

• Keep external drive disconnected when not backing up
• Use cloud storage with version history
• Keep OS and antivirus updated

Scenario 4: Forgot Master Password (No Recovery Possible)

Hard truth: If you forgot your master password and have no backups from when you remembered it, your data is lost forever.

Last-ditch efforts:

1. Try all password variations

   • Common typos
   • Different capitalization
   • Old passwords you might have reused

2. Check for password hints

   • Notes you may have left
   • Password manager (if you stored hint there)
   • Written notes in safe places

3. Check old backups

   • Do you have a backup from when you remembered password?
   • Cloud version history might have older version

4. Accept the loss and start fresh

   • Create new vault with NEW master password
   • Write down new master password (securely)
   • Set up proper backup system this time

Prevention:

• Write master password on paper, store securely
• Give copy to trusted person
• Use memorable passphrase, not random password

Scenario 5: Cloud Sync Conflict

You see: passwords (conflicted copy).vault

1. Don’t panic

2. Check both files:

   • Original: passwords.vault
   • Conflict: passwords (conflicted copy).vault

3. Compare timestamps

   • Right-click → Properties (Windows) or Get Info (macOS)
   • Which was modified more recently?

4. Open both in CoraleVault

   • Open original, note last entry date
   • Open conflicted copy, note last entry date
   • Choose the one with most recent data

5. Keep only the correct version

   • Rename chosen file to passwords.vault
   • Delete the other
   • Move to cloud folder

6. Prevention:

   • Never use vault on multiple devices simultaneously
   • Always close CoraleVault before switching devices
   • Wait 30 seconds for cloud sync

Backup Security

Is It Safe to Store Encrypted Vault in Cloud?

Yes, if your master password is strong.

Why it’s safe:

• Vault is encrypted with AES-256
• No one can decrypt without your master password
• Even cloud provider cannot access your data
• Even if vault is stolen, data is safe

Requirements for safety:

• Master password is 16+ characters
• Master password is complex (upper, lower, numbers, symbols)
• Master password is unique (not used elsewhere)

Not safe if:

• Master password is weak (< 12 characters)
• Master password is common (“Password123!”)
• Master password is reused from another service

Should I Encrypt My Backups?

Your vault is already encrypted, so additional encryption is optional.

Extra encryption layer (optional):

• Zip with password
• 7-Zip with AES-256 encryption
• VeraCrypt container

When extra encryption makes sense:

• Master password is weak (but you should fix this instead)
• Regulatory compliance requirements
• Extreme paranoia

Trade-off: More complexity = more ways to lose access.

Where NOT to Store Backups

Avoid:

• Unencrypted email attachments
• Public cloud links (shared Dropbox links, etc.)
• Workplace network drives (IT admins can access)
• Unsecured USB drives left in public places

OK:

• Private cloud storage (Dropbox, Google Drive, OneDrive)
• Encrypted external drives
• Physical safe
• Safety deposit box

Common Mistakes

Mistake 1: “I’ll do it later”

Problem: Later never comes. By the time disaster strikes, it’s too late.

Solution: Set up ONE backup method RIGHT NOW. Takes 5 minutes.

Mistake 2: Only one backup

Problem: Single point of failure.

Solution: Follow 3-2-1 rule (multiple copies, multiple locations).

Mistake 3: Never testing backups

Problem: Discover backup is corrupted when you need it most.

Solution: Test recovery monthly.

Mistake 4: Backup on same drive

Problem: Drive failure loses both original and backup.

Solution: Always use separate physical drive or cloud.

Mistake 5: Forgetting about backups

Problem: Backups get outdated, forgotten, or lost.

Solution: Set calendar reminder to verify backups monthly.

Mistake 6: Keeping master password with vault

Problem: Defeats the purpose of encryption.

Solution: Store master password separately (safe, sealed envelope, etc.).

Backup Checklist

Print this checklist and put it somewhere visible:

Initial Setup

• Created vault file in safe location
• Chosen strong master password (16+ characters)
• Written down master password on paper
• Stored master password securely (safe, locked drawer, etc.)
• Set up at least ONE backup method
• Tested backup by restoring

Weekly Tasks

• Verified vault file still exists
• Created manual backup (if not using automatic)
• Checked cloud sync status (if using cloud)

Monthly Tasks

• Tested backup recovery
• Verified multiple backup copies exist
• Checked backup file integrity (non-zero size, opens correctly)
• Rotated old manual backups (keep last 4-8)

Yearly Tasks

• Reviewed backup strategy (still adequate?)
• Tested disaster recovery procedure
• Updated master password (optional, only if compromised)
• Reviewed list of backup locations (are they all still accessible?)

Summary

Absolute essentials:

1. Your vault file is the ONLY copy of your passwords - Protect it
2. Use the 3-2-1 rule - 3 copies, 2 media types, 1 off-site
3. Cloud storage is safe for encrypted vaults (and convenient)
4. Test your backups - A backup you haven’t tested doesn’t exist
5. Write down your master password - There is no password recovery

Recommended minimum setup:

• Primary vault: Documents folder
• Backup 1: Cloud storage (Dropbox/Google Drive) - Automatic
• Backup 2: External USB drive - Monthly manual backup

Time investment:

• Initial setup: 10 minutes
• Weekly maintenance: 2 minutes (if manual)
• Monthly testing: 5 minutes

This 15 minutes could save you years of password reset headaches—or worse, permanent data loss.

Additional Resources

• Getting Started Guide - First backup instructions
• Troubleshooting Guide - Recovery procedures
• FAQ - Common backup questions
• Security Information - Why encryption makes cloud backups safe

Don’t wait until it’s too late. Set up your backups today.