CryptPad Complete Setup Guide
Secure Document Collaboration for Privacy-Conscious Users and Organizations
What is CryptPad?
CryptPad is a privacy-first, open-source collaboration platform that provides end-to-end encrypted document editing, file storage, and team collaboration. Unlike Google Docs or Microsoft 365, CryptPad ensures that your documents are encrypted in your browser before being sent to the server.
Key Privacy Features
- Zero-knowledge encryption - Only you and collaborators can decrypt documents
- No tracking or analytics - Your activity remains private
- Anonymous usage possible - No email required for basic accounts
- Open source - Code is publicly auditable
- GDPR compliant - Based in France with strong privacy protections
- Real-time collaboration - Multiple users can edit simultaneously
Document Types Available
| Type | Description | Best For |
|---|---|---|
| Rich Text | Word processor with formatting | Reports, letters, documents |
| Spreadsheet | Excel-like calculations | Budgets, data analysis |
| Presentation | Slide-based presentations | Meetings, training |
| Kanban Board | Task management | Project workflows |
| Whiteboard | Collaborative drawing | Brainstorming, planning |
Choosing a CryptPad Instance
Official CryptPad.fr (Recommended)
- URL: https://cryptpad.fr
- Pros: Official, reliable, supports development
- Pricing: Free tier available, paid plans for more storage
⚠️ Important Security Considerations
- URL security - Document URLs contain encryption keys; treat like passwords
- Browser security - Keep your browser secure and updated
- Account backup - Anonymous accounts cannot be recovered if browser data is lost
Individual User Accounts
Creating Your CryptPad Account
1Navigate to CryptPad
- Go to https://cryptpad.fr
- Click "Sign up" in the top-right corner
2Choose Registration Method
Option A: Anonymous Account (Maximum Privacy)
- No email required - account tied to browser only
- Warning: Cannot be recovered if you lose browser data
- Best for: Testing or maximum privacy with manual backup
Option B: Email Registration (Recommended)
- Enter secure email address (ProtonMail, Tutanota recommended)
- Create strong, unique password (use password manager)
- Benefit: Account recovery possible
- Best for: Regular use and team collaboration
3Complete Registration
- Username: Choose something that doesn't reveal identity
- Password: Minimum 12 characters, use password manager
- Display Name: Use initials or pseudonym initially
Essential Security Settings
- Access Settings: Click avatar → Settings
- Privacy Configuration:
- Disable contact requests from strangers
- Hide your online status
- Disable usage feedback
- Security Settings:
- Enable automatic logout (1-4 hours)
- Keep unsafe links warning enabled
- Enable safe links
Critical: Backup Your Account
- Go to Settings → Account
- Click "Download my account data"
- Save the file securely - enables account recovery
- Store in encrypted location (password manager, encrypted drive)
Without this backup, you may lose access permanently.
Sharing Your Identity for Team Invitations
Safe to Share:
- ✅ Your CryptPad profile link
- ✅ Your display name
- ✅ Preferred contact method
- ✅ Which instance you're using
NEVER Share:
- ❌ Password or credentials
- ❌ Email address (unless requested by trusted admin)
- ❌ Private document links
- ❌ Account backup file
Email Template for Team Invitation
Subject: CryptPad Identity for Team Invitation
Hello [Team Administrator],
I've created my CryptPad account and am ready to join [Team Name].
My CryptPad Information:
Profile Link: https://cryptpad.fr/profile/#/1/view/[your-unique-id]/
Display Name: [Your Display Name]
Instance: CryptPad.fr
Please let me know if you need additional information.
Best regards,
[Your Name]Accepting Team Invitations
- Check Notifications: Look for bell icon in CryptPad
- Review Details: Verify team name and inviter identity
- Verify Authenticity: Contact admin via separate channel if suspicious
- Accept Invitation: Click "Accept" to join team workspace
Document Classification Understanding
- 🟢 PUBLIC: Can be shared outside team
- 🔵 INTERNAL: Team-only information
- 🟠 CONFIDENTIAL: Sensitive, special handling required
- 🔴 RESTRICTED: Highest security, limited access
Team Owner / Administrator
Creating and Setting Up Teams
1Create New Team
- Click avatar → Teams → "Create a Team"
- Configure team name (descriptive but not revealing)
- Set privacy settings (private, invitation-only recommended)
- Configure initial permissions
2Set Up Folder Structure
Recommended Team Folder Structure:
📁 [Team Name] Shared Drive/
├── 📁 00-OPEN/ (🟢 Public Access)
├── 📁 01-INTERNAL/ (🔵 Team Members Only)
├── 📁 02-CONFIDENTIAL/ (🟠 Leadership Only)
└── 📁 03-RESTRICTED/ (🔴 Admin Only)Member Roles and Permissions
| Role | Permissions | Classification Access |
|---|---|---|
| Owner | Full admin control | 🟢🔵🟠🔴 All levels |
| Admin | Invite members, manage content | 🟢🔵🟠 Up to Confidential |
| Member | Create/edit documents | 🟢🔵 Open and Internal |
| Viewer | Read-only access | 🟢 Open only |
Inviting Team Members
Preparation Checklist:
- Verify member identity through separate channel
- Confirm member has CryptPad account
- Obtain member's profile link
- Determine appropriate role
- Prepare onboarding materials
Invitation Process:
- Access Team Management: Team → Members → "Invite Members"
- Add Information: Paste profile URL, select role
- Send Invitation: Review details, confirm send
- Follow Up: Notify member, provide support
Security Configuration
Essential Security Settings:
- Set team to "Private" - not discoverable
- Disable public directory listing
- Require invitation for all members
- Restrict external sharing to Admin+ roles
- Set default link expiration times
- Enable audit logging
Document Classification Templates
🟢 OPEN Template:
===== CLASSIFICATION: OPEN =====
Public information suitable for external sharing.
Handling: May be shared freely outside team.
Review: Annual🔵 INTERNAL Template:
===== CLASSIFICATION: INTERNAL =====
Team member information only.
Handling: Team only, no external sharing without approval.
Review: Based on content sensitivity🟠 CONFIDENTIAL Template:
===== CLASSIFICATION: CONFIDENTIAL =====
Sensitive information requiring special handling.
Handling: Admin+ roles only, owner approval required.
Review: Quarterly🔴 RESTRICTED Template:
===== CLASSIFICATION: RESTRICTED =====
Highly sensitive information.
Handling: Owner access only, no electronic sharing.
Review: MonthlyRegular Administrative Tasks
Weekly:
- Review new documents for proper classification
- Monitor member activity
- Check team chat for issues
- Verify backup integrity
Monthly:
- Conduct comprehensive access audit
- Review classification compliance
- Update policies as needed
- Export and backup critical data
Quarterly:
- Assess security posture
- Update classification guidelines
- Plan for organizational changes
- Update disaster recovery plans
💡 Administrator Best Practices
- Zero Trust: Verify everything, trust nothing by default
- Least Privilege: Minimum access necessary for role
- Continuous Monitoring: Regular review and audit
- Incident Preparedness: Plan for when things go wrong
You must be logged in to post a comment.