As I understand it, the Folder ID is part of the Folder Key (together with the psw set by the user).
This means that to decrypt a folder using the CLI decrypt, I must not only know the psw but also the Folder ID (either by the token in the .stfolder or by specifying it in the decrypt command), correct?
However, while testing and probably in the future when I use Untrusted/Encrypted to create back-ups on unprotected storage (e.g. in the cloud or on un-encrypted disk), I will in some use cases remove the encrypted folder’s configuration from ST. And when removing the configuration, I “lose” the .stfolder and thus one cruical part of the folder key…
Is it an alternative to create the folder key from only the psw set by the user and not also the folder ID?
OK, the “folder id” stays as part of the encryption key!
May I suggest to add to the documentation one of those yellow or red sections pointing out to the user that one need to have both psw and folder id to decrypt/restore encrypted data.
And possibly also references to the new CLI “decrypt”?