- Encryption: Enable AES-256-GCM encryption to protect sensitive backups with password protection
- Password Storage: Your encryption password is never stored - only the salt is saved in
config.json - Credentials: Store configuration files securely, especially if they contain cloud storage credentials
- Environment Variables: May include sensitive information like API keys - consider enabling encryption
- Windows Settings: Backups contain registry exports that can modify system behavior
- Administrator Privileges: May be required for some restore operations, particularly for system-level settings
- Script Review: Always review restore scripts before executing them, especially when restoring Windows settings
- Lost Passwords: There is no password recovery mechanism - encrypted backups are unrecoverable without the password
- Enable Encryption: Protect sensitive data with AES-256-GCM encryption and a strong password
- Secure Your Password: Store your encryption password in a password manager and write it down in a secure location
- Test Restores: Verify you can restore and decrypt backups before you need them in an emergency
- System Backups: Run before major system changes
- Multiple Locations: Keep backups in multiple locations for redundancy (local + cloud)
- System Restore Points: Create a Windows system restore point before restoring Windows settings
- Review Scripts: Review Windows settings restore scripts before running them
- Selective Restoration: When restoring to a different computer, selectively restore settings rather than restoring everything