Security

 

Legacyarmour, at its core, is about Security and Privacy.

One of our core beliefs is that you have the right to personal security and privacy. 

 

Most sites that claim to encrypt your files only do it after they are uploaded. 

Why does that make a difference? 

Because if your files are encrypted after uploading, that means that any hacker could intercept your files as they were being uploaded. By encrypting everything before it is uploaded, files get transmitted encrypted and also saved encrypted. That is like locking the front door with an industrial lock and taking the key with you.  Only you have the key and only you can unlock that door.  Isn’t that the whole point?

In order to securely protect your privacy, Legacyarmour will:

  1. Double encrypt everything you upload.

  2. Encrypt on your machine to ensure full encryption during transmission.

  3. NEVER upload your unencrypted passphrase or Secret Answers.

  4. Use the latest, best tested algorithms for encryption.

  5. Try to hack our own site to provide continuous testing and validation.

  6. Employ third-party companies to authenticate our security.

  7. Use best of class cloud storage to ensure that your data is never lost.

  8. Use secure and encrypted connections between your computer and our servers.

  9. Guard your privacy by compartmentalizing information.

To make sure that your information is never lost, Legacyarmour stores your capsule in redundant cloud storage.  We place multiple copies in multiple locations separated by thousands of miles.  To lose your data, the entire Cloud Storage system would need to be destroyed everywhere, nationwide.

 

Legacyarmour also works with other third party providers to employ 24/7 significant protection against network security issues such as packet sniffing, spoofing, Phishing, Distributed Denial of Service (DDoS) attacks, and Man in the Middle (MITM) attacks.

 

 

Legacyarmour does not sell, license, distribute, or share any information about its clients or their recipients with anyone.  There.  That says it all.  No legalese.  We just don’t do it.  We believe in personal privacy and protect it to the best of our abilities at all times.

 

For the Security Professionals

Legacyarmour uses AES-256 encryption with a randomly generated 256-bit symmetric key to encrypt a capsule and then encrypts the key itself using AES-256 with a symmetric key comprised of an algorithmically generated unique key based on the secret answers submitted by the subscriber.  The generation of the unique key is covered by one of the patents submitted by Legacyarmour. 

Once the capsule is encrypted and the key to the capsule is encrypted, each of the secret answers is hashed using SHA-512.  The only thing uploaded to the Legacyarmour servers is the already encrypted capsule, the shared questions, and the SHA-512 hash of each answer.  These files are uploaded to the Legacyarmour servers using HTTPS SSL secured by a Class 3 EV SSL CA – G3 certificate (2.16.840.1.113733.1.7.23.6) provided by the Symantec corporation and validated by legal counsel.

After uploading from the subscriber, the local memory used to generate the keys and hashes are wiped multiple times and then released to ensure that no other processes or instances can access the information that was in the memory. We do not rely on operating system or browser cleanup to wipe the memory.

After uploading to the Legacyarmour Servers, the Capsule, Questions, and Hashes are encrypted yet again using Legacyarmour asymmetric corporate keys.  For increased security, the Legacyarmour keys are not stored in one location on the site but rather diced and scattered throughout the site with only the running instance of the Legacyarmour code able to reconstruct the key. Emergency back-up keys are stored in a bank vault, encrypted with a dual asymmetric key that requires two members of the Legacyarmour Executive team to decrypt and retrieve the keys. 

Secure Transfers

Your files are sent between your computer and Legacyarmour’s servers over a secure channel using 256-bit SSL (Secure Sockets Layer) encryption, the standard for secure Internet network connections used by the banking industry and the government for their secure transfers.

Privacy

A copy of our full privacy policy can be found here: Privacy Policy