Keep your documents encrypted, always

Meet ONLYOFFICE Private Rooms where every symbol you type is encrypted end-to-end

Why ONLYOFFICE is the safest way to work on docs

Unbreakable document encryption

ONLYOFFICE uses the AES-256 algorithm to encrypt documents with brute force-resistant keys. To exhaust this encryption, 50 supercomputers would need around 3×1051 years.

Encrypted real-time co-editing

ONLYOFFICE encrypts the data transfer while collaborating on documents online. This prevents outsiders from being able to read or understand the changes you or your co-authors make.

No manual actions with passwords

You don’t need to invent, send or enter any passwords: they are generated automatically on-device and transferred in encrypted form when sharing the document.

Entirely private storage

Every bit of information in a Private Room is encrypted. Copying, moving, versioning, and re-writing are not possible to keep data safe under all circumstances.

How it works

Private Room works via the ONLYOFFICE Desktop Editors interface to encrypt and decrypt the data on the client and make the security endpoint.

1. Getting encryption key pair

Upon the first login to the cloud, the desktop app generates a pair of keys for the user, private and public, and remembers them.

The private key is encrypted with the user’s password and stored together with the public key in the user database in ONLYOFFICE.

2. Encrypting documents

At the moment, you can encrypt DOCX, XLSX, and PPTX files in a Private Room.

After a user places a document or saves the newly-created one within a Private Room, the data is encrypted with 256-bit password generated automatically within the app.

This password is then encrypted with a public key of the user.

The pair of passwords for the encrypted document and the public keys of all users with access are recorded in the unencrypted part of the file together with the encrypted document contents.

The resulting file is stored in a Private Room in the ONLYOFFICE cloud.

When accessing the encrypted file, the user’s instance of ONLYOFFICE Desktop Editors decrypts the file key using their private key, and opens the file.

3. Sharing and collaborating on documents

When a user shares a protected file, the file key is encrypted with the public keys of all users with access to the file. On their machines, it is decrypted using their private keys.

In co-editing, each user’s inputs are individually encrypted and shared using the above-mentioned asymmetric encryption in transfer.

What you can and can’t do in a Private Room

To make sure your data is safe, some actions are restricted in Private Rooms.

Create and upload files

Copy files

Browse your protected files and files shared with you

Move files shared with you

Create folders

Move files to bin or outside the Private Room

Move your files within a Private Room

Upload folders

Delete files permanently

Overwrite files by moving or uploading

Share files with users who have encryption credentials

Restore file versions

Co-edit files

Share files with users without encryption credentials