When you run the SafeHouse Branding Wizard to create a new group, the output is a .BRAND file which contains all of the information needed to fully describe the group.
BRAND files can easily be identified by their distinctive icon shown here at the left. By default, they are typically saved to your C:\SafeHouse folder; however, you are free to save them anywhere that makes sense for you.
Brand files contain the following information:
Administrator contact information
Optional message to be displayed to users creating new volumes
SafeHouseAdmin.com login name (but not the password)
Computer-generated random values used to increase the security of cryptographic operations
Computer-generated public encryption key assigned to the group (does not need to be kept secret)
File integrity and checksum values
.BRAND files do not contain any information that is deemed to be sensitive. Your administrator password is not included in the file. As you can see in the above list of file contents, the file contains values for some of the text prompts you answered while running the Branding Wizard as well as some computer-generated values.
Please be sure to keep your .BRAND files around for the entire time that you have live deployed copies of SafeHouse which are based on these files. You'll need access to your .BRAND files whenever performing tasks with either the Branding Wizard or the Deployment Wizard.
If you mistakenly delete your original .BRAND file, there are two ways to potentially recover:
If the respective group is registered with SafeHouseAdmin.com, you can easily download a copy from that website after displaying the Group Details page for the subject group.
If you have a copy of SafeHouse installed on some machine which happens to be branded with the group for which you are missing the file, then you can use the Branding Wizard to extract the group information from the SDWLIB.DLL file residing in the SafeHouse programs files directory on that other machine. To perform this extraction, run the Branding Wizard and select Brand files using an existing branding group on the Select Branding Task page. Then, when asked for the filename of the existing .BRAND file, enter the filepath to the aforementioned SDWLIB.DLL file. The wizard will detect this special mode and rebuild your .BRAND file using information extracted from the DLL.
Brand files do not contain any sensitive information and therefore cannot be compromised. It simply doesn't matter who gains access to this file. The most anyone could do with it is embed it into some other copy of SafeHouse which would allow you, but not them, to reset passwords on new volumes -- and there's no downside to that.
On the other hand, if your group password were also compromised, then the intruder would be able to masquerade as an administrator. Keep your group password secret!