Many people have very private files like password safes or cryptocurrency wallets on their computer. Usually their content is already protected against usage by other persons by means of encryption. But it's still possible for viruses, Trojan horses and powerful organizations to read the file, copy it to their own web server and try to decode it there over months. It would also be possible to delete it which would, in the case of a wallet, result in a total loss of your hard earned money. Mighty Desktop's File Protector (in the 'System Safety' tab) can block the access to such a file either for modifications or even completely by denying reading as long as it is running. Because Mighty Desktop is typically started during Windows boot and stays as a background process it will block access immediately after boot up to the shutdown. But wait, aren't there file rights to achieve this goal? Yes, sort of, but an administrator can easily remove such restrictions. In contrast, Mighty Desktop's method works by holding the files open in exclusive mode. This way not even a network administrator will have access to it whatever he does.
Just be reminded that this system is not 100% safe, because there is a short time at boot and shutdown where the files are unprotected. Also it should be mentioned that every program that installs low level device drivers like Backup and Antivirus programs asf. can't be stopped from reading or writing these files. And thirdly, if Mighty Desktop is ended the files will be left unprotected. But, while Mighty Desktop's protection may not give you a 100% guarantee this is still 99 times better than nothing at all, right? And it's a whole lot easier than fumbling around with the complicated and slow access rights dialogs in Windows. In contrast Mighty Desktop can even do an automatic unlock when you start the official editor which is intended to edit these files.
Other usages of File Protector:
- Protect drive images of virtual machines against writing. This is necessary because read-only flags are not always respected by many third party applications and poof, the image is modified.
- Stress testing: Programmers can put a modify- or exclusive lock on any file they wish and then check how their application behaves if it encounters this file.
A `Modify Lock` means that a file's content can be read but not changed, and the file can neither be renamed nor moved. In case of an `Exclusive Lock` nothing can be done with the file, not even reading. If a spyware doesn't know Mighty Desktop it will definitively be stopped by File Protector.
If you wish to access a file, for example a password safe file of KeePass, you have two different options:
Add all programs that you are using to view or edit the file to the list in the column 'Unprotecting Processes'. You can also just drop a desktop shortcut onto the list. The list can contain multiple full paths to applications, each on one line. As soon as one of these apps is running Mighty Desktop will deactivate the protection of the file and when you close the app reactivate it. This way the protection isn't interfering with your work.
Right-click Mighty Desktop's notification icon and activate "File Protector off for 15 minutes" (hold [Ctrl] to switch it off without time limit). No complicated rights dialog and waiting is necessary. With that you can unlock all files at once with just one click in the blink of an eye. The time limit helps avoiding to forget to lock the files afterwards (happened often to me). The duration is configurable in the Settings tab.
One more, different protection approach is available: File Protector can make files in the list completely invisible by setting the two flags 'System' and 'Hidden'. After that the files can only be accessed by full path (so called "Security through obscurity"). Such files are even invisible on a machine that doesn't have the checkbox "Hide hidden files" set in File Explorer settings. But anyone who knows their name can still access it.
- You can add files to the list directly from the popup menu in File Explorer
- A red warning will appear if you add a pathname more than once
- Take heed of suboptimally programmed third party programs. Some can just say "File not found" when they try to open a protected file or not even notice when a save failed.
- Only the first instance of Mighty Desktop, the Main Server, does activate the protections. Additional instances don't even try, they would get errors, just like any third party program.