cryptomator · infeo · Jan 7, 2026 · Feb 23, 2026 · Feb 25, 2026 · Feb 27, 2026
diff --git a/docs/coming-soon/_category_.json b/docs/coming-soon/_category_.json
@@ -0,0 +1,8 @@
+{
+  "label": "Coming Soon",
+  "position": 7,
+  "link": {
+    "type": "doc",
+    "id": "coming-soon/index"
+  }
+}
diff --git a/docs/coming-soon/index.md b/docs/coming-soon/index.md
@@ -0,0 +1,18 @@
+---
+id: index
+title: Coming Soon
+sidebar_position: 1
+---
+
+# Coming Soon
+
+These features are currently in **early access** and will be fully available in upcoming releases.
+
+## Hub 1.5.0
+
+- [User & Group Management](/hub/user-group-management) — Manage users, groups, roles, and permissions directly in Hub
+- Emergency Access {/* TODO: Replace with link once docs are created */}
+
+## Desktop 1.19.0
+
+- [Files-in-use](/desktop/files-in-use) — Prevent accidental overwrites when multiple users edit the same file in a shared vault
diff --git a/docs/desktop/files-in-use.md b/docs/desktop/files-in-use.md
@@ -0,0 +1,60 @@
+---
+id: files-in-use
+title: Files in Use
+sidebar_position: 18
+---
+
+# Files in Use
+
+:::info
+This feature is only available for [Cryptomator Hub](/docs/hub/introduction.md) vaults.
+:::
+
+When multiple people work in a shared vault, two users might try to edit the same file at the same time.
+The **Files in Use** feature helps prevent accidental overwrites in this situation.
+
+## When This Feature Applies {#when-this-feature-applies}
+
+You can run into concurrent edits when:
+
+- a Cryptomator Hub vault is used by multiple team members
+- the vault is synced across multiple devices
+- the vault is accessed over a network share
+
+If another user is currently editing a file, Cryptomator can block opening that file for writing on your side.
+
+:::note
+The usage information is passed with the files being edited.
+Therefore, it requires either the vault residing on shared storage (for example, a network share) or file synchronization.
+In the latter case, it takes around 10s until the status is synchronized to other devices (depending on the sync app).
+:::
+
+## What You Will See {#what-you-will-see}
+
+If a file is currently in use by someone else, Cryptomator shows a notification in the app.
+This means another device or user has an active edit session for that file.
+
+<Image src="/img/desktop/files-in-use-notification.png" alt="Cryptomator notification for a file currently in use" />
+
+## What You Can Do {#what-you-can-do}
+
+In most cases, the best action is to wait until the other person finishes editing and then try again.
+
+You can also choose to ignore the use status and continue.
+Use this only if you are sure it is safe, because forcing access can overwrite someone else's newer changes.
+
+We recommend the following sequence when receiving a "File is in use" notification:
+1. Ask the person shown in the notification whether they are still editing the file.
+1. If they already closed the file but it is still shown as "in use", use "Ignore Use Status".
+1. Open a file marked as in use without checking with teammates only in exceptional situations.
+1. In that case, create a backup copy first to avoid losing edits.
+
+## Stale Use Status {#stale-use-status}
+
+The use status is cleared after some time without file updates (around 10 min).
+If this happens, access is possible again.
+This helps in cases such as device sleep, crashes, or interrupted sessions.
+
+## Related Topics {#related-topics}
+
+- [Synchronization Conflicts](/docs/desktop/sync-conflicts.md)
diff --git a/docs/hub/admin.md b/docs/hub/admin.md
@@ -80,6 +80,24 @@ The following events are logged:
 - **Reset User Account** – A user [reset their account](your-account.md#reset-account).
 - **User Keys Change** – A user changed their keys. This happens when, e.g., the user [finished the account setup](your-account.md#account-setup) or when the `Account Key Changed`.
 
+
+#### Emergency Access {#event-type-emergency-access}
+
+:::info Early Access
+This feature is currently in **early access** and will be fully available in an upcoming release.
+:::
+
+- **Emergency Access Setup** – A vault owner set up or updated Emergency Access for a vault (for example by assigning council members and key shares in Vault Details).
+- **Emergency Access Settings Updated** – An admin changed global Emergency Access settings in Admin.
+- **Emergency Access Recovery Started** – A council member started an Emergency Access recovery process.
+- **Emergency Access Recovery Approved** – A council member approved a running recovery process by submitting their recovered key share.
+- **Emergency Access Recovery Completed** – A council member completed a recovery process after enough key shares were collected.
+- **Emergency Access Recovery Aborted** – A council member aborted a running recovery process.
+
+:::note
+When a council member starts a process, they automatically contribute their own key share. This logs both `Emergency Access Recovery Started` and `Emergency Access Recovery Approved`.
+:::
+
 #### Legacy {#event-type-legacy}
 
 - **Claim Vault Ownership** – A user claimed vault ownership. This event is logged when a vault created with hub pre 1.3.0 is claimed by the vault creator using the `Vault Admin Password`.
@@ -132,3 +150,26 @@ If a user resets their account, their [User Key Pair](/docs/security/hub.md#user
 Additionally, any existing trust chains that included the user will be broken, requiring re-verification to restore trust.
 :::
 
+
+## Emergency Access
-## Emergency Access
+## Emergency Access {`#emergency-access`}
-## Emergency Access
+## Emergency Access {`#emergency-access`}
+
+This configuration defines default Emergency Access values for new or updated vaults.
+
+<Image src="/img/hub/admin-emergency-access.png" alt="Emergency Access" width="1440" height="658" />
+
+Enable `Enable Emergency Access` and configure:
+
+* `Required Keys`: Number of required key shares
+* `Keyholders`: Default council members (only activated users)
+* Optional: `Let vault owners choose different keyholders`
+* Optional: `At least` (minimum members if owners can choose a different council)
+
+:::warning
+A council without redundancy (`Required Keys == number of council members`) is possible, but not recommended.
+:::
+
+:::info Enterprise Feature
+The following Audit Log feature is available only in the **Enterprise Edition**:
+
+- Emergency Access Audit Logs
+:::
diff --git a/docs/hub/emergency-access.md b/docs/hub/emergency-access.md
@@ -0,0 +1,124 @@
+---
+id: emergency-access
+title: Emergency Access
+sidebar_position: 9
+---
+
+# Emergency Access
+
+:::info Early Access
+This feature is currently in **early access** and will be fully available in an upcoming release.
+:::
+
+:::info Enterprise Feature
+Visit [cryptomator.org](https://cryptomator.org/hub/) for more information about Enterprise features.
+:::
+
+Emergency Access allows a defined council to restore access to a vault using key splitting based on **Shamir's Secret Sharing**. A process can only be completed once enough council members approve it.
+
+## Define Emergency Access During Vault Creation
+
+When creating a new vault, there is a dedicated step called `Define Emergency Access Conditions`. For the full vault creation workflow, see [Vault Management](vault-management.md#create-a-vault).
+
+## Define Emergency Access for Existing Vaults
+
+For existing vaults, Emergency Access can be configured or updated in `Vault Details`. See [Setup/Fix Emergency Access Council](vault-management.md#emergency-access-council).
+
+## Start a Recovery Process
+
+There are two process types:
+
+1. `Change Permissions`: Change vault owners/members
+2. `Change Council`: Change Emergency Access council and threshold
+
+Open the `Emergency Access` page, select the vault, and start the desired process type.
+
+<Image src="/img/hub/emergency_access_vault_list.png" alt="Emergency Access Vault List" width="2560" height="1080" />
+
+Only one running process per type is allowed for a vault.
+
+### Change Permissions
+
+When starting `Change Permissions`, you select:
+
+* future `Owners`
+* future `Members`
+
+Users that are no longer part of the selected set are shown as `Removed`.
+
+<Image src="/img/hub/emergency_access_change_permissions_start.png" alt="Emergency Access Vault List" width="2560" height="1080" />
+
+
+### Change Council
+
+When starting `Change Council`, you select:
+
+* the new council members that should hold emergency key shares
+
+The required keys are defined by the configuration in the [Admin settings](admin.md#emergency-access).
+
+<Image src="/img/hub/emergency_access_change_council_start.png" alt="Emergency Access Vault List" width="2560" height="1080" />
+
+:::note
+When starting a process, the initiating user usually adds the first key share automatically.
+:::
+
+## Approve a Recovery Process
+
+In the `Emergency Access` vault list, a running process shows a split process button.
+If a council member has not yet added their share, the right side of the button shows `Approve now`.
+
+<Image src="/img/hub/emergency_access_vault_list_change_council_approve_now.png" alt="Emergency Access Vault List Approve Now" width="2560" height="1080" />
+
+Hover (or click) the **left side** of the process button (the segment ring area) to open the process details popover.
+This popover shows:
+
+* process type and required key shares
+* current progress
+* process council members
+* per-member status (`Added` / `Pending`)
+
+<Image src="/img/hub/emergency_access_vault_list_hover_process.png" alt="Emergency Access Vault List Hover Process" width="2560" height="1080" />
+
+To approve, click the **right side** of the process button (`Approve now`) to open the `Approve Emergency Access` dialog.
+In this dialog, review the process details and click `Approve` to submit your key share.
+
+<Image src="/img/hub/emergency_access_vault_list_change_council_approve_dialog.png" alt="Emergency Access Vault List Approve Dialog" width="2560" height="1080" />
+
+After submitting your share, the button shows `Waiting for other approvals`. You can track the ongoing process progress in the same process button and its details popover.
+
+## Complete a Recovery Process
+
+As soon as enough shares are available, the process button in the `Emergency Access` vault list shows `Complete now`.
+
+<Image src="/img/hub/emergency_access_vault_list_change_council_complete_now.png" alt="Emergency Access Vault List Complete Now" width="2560" height="1080" />
+
+Click `Complete now` to open the `Complete Emergency Access` dialog. In this dialog, review the process details and click `Complete Process` to finalize the recovery process.
+
+<Image src="/img/hub/emergency_access_vault_list_change_council_complete_dialog.png" alt="Emergency Access Vault List Complete Dialog" width="2560" height="1080" />
+
+Results by type:
+
+* `Change Permissions`: Vault roles are updated and required access grants are redistributed
+* `Change Council`: The recovery key is re-split using the new council configuration
+
+After successful completion, the process is removed.
+
+## Abort a Recovery Process
+
+Running processes can be canceled in the dialog using `Abort this Process`.
+
+<Image src="/img/hub/emergency_access_vault_list_change_council_abort_dialog.png" alt="Emergency Access Vault List Abort Dialog" width="2560" height="1080" />
+
+
+## Typical States and Notes
+
+The following warning states can appear in the Emergency Access list:
+
+* `No Vault Council Member anymore`: The user is still part of a running process but no longer part of the current vault council
+* `Broken Emergency Access`: Too few valid shares remain (for example after council members reset their accounts)
+* `No Redundancy`: No fault tolerance in the council
+
+## Audit Log Events
+
+See [Emergency Access Audit Log events](admin.md#event-type-emergency-access).