If you use Dropbox, you may be in for some startling news. Despite the fact that Dropbox was the first to bring cloud storage to the masses, it’s widely accepted that Dropbox is no longer the best of its class. One big drawback is that the vanilla Dropbox isn’t very secure, which can be problematic if you’re storing private or sensitive data on your account. But don’t give up on Dropbox yet! With a bit of effort, you can make it more secure.
Keep in mind that this talk of security is in the context of account security so that no one else can intercept or hack into your files. As far as the NSA and the PRISM project are concerned, it’s highly doubtful that any of the following steps will prove effective as that’s an issue more core to the Internet than Dropbox itself.
Last year, Dropbox implemented the ability to use two-factor authentication, a type of log in method that involves more than just a password. As the name implies, this form of log in requires at least two independent steps to verify that you indeed have access to an account. Dropbox’s two-step authentication requires you to enter a password, then Dropbox sends a verification code to your phone.
To enable two-step authentication in Dropbox:
- Log into your account normally.
- Click on your account name at the top right and select Settings.
- Click on the Security tab.
- Under Account sign in, find Two-step verification and click Enable.
- Follow the instructions to set it up!
Enable Email Notifications
Email notifications can be a pain, especially when they’re sent out more frequently than spam, but in this case I think you can make an exception. If you enable the feature, Dropbox will shoot you an email whenever a new device or a new app is connected to your Dropbox account. This feature could come in handy if someone tries to tamper with your account by making some sort of rogue connection to view or pull data.
Of course, in most cases, the one making a connection would need permission from your account to connect in the first place, which means they could probably disable the notifications before making their move. However, they could always forget, which means you’ll be notified if someone tries to do something sketchy.
Enable Selective Sync
Selective Sync is a feature of Dropbox that allows you to select which folders you want to keep synced with your account. Sounds pretty straightforward, right? For the most part, Selective Sync isn’t so much a security feature as it is a convenience and organizational feature, but it can be used to minimize exposure.
For example, say you keep your desktop, your laptop, and your tablet synced with Dropbox. If all of your devices were 100% synced all the time, then what would happen if your laptop or tablet were stolen? The thief would have access to every file. However, if your laptop only keeps a particular folder synced and your tablet only keeps a different folder synced, the thief would only have access to whatever is kept synced on that device.
Combining the Selective Sync feature with the Unlink Device feature (mentioned below), you can minimize accidental exposure of files in these kinds of situations.
Unlink Extraneous Devices and Apps
Whenever a device or app makes a connection to your account, Dropbox tracks it. Under the Security tab of the Settings page, you can view a list of all devices and apps that currently have permission to access your Dropbox account. This is, of course, very useful when you want to cut off someone’s access since they can’t reconnect without your account credentials.
This can come in handy with Selective Sync. Say your laptop syncs with a particularly sensitive folder but it was stolen while you were in the café bathroom. You could drive home, log onto Dropbox, and unlink your laptop from your account, which cuts off the thief from accessing any more data. They’ll still have whatever local files are on the laptop, but at least you can cut your losses here.
Use an Encryption App
Perhaps the strongest way to improve your Dropbox account’s security is to start using a third-party encryption app. What’s that, you ask? It’s a program that will keep your files encrypted on the fly without requiring you to do much of anything. Encryption is good because even if someone happens to intercept or hack into your account, they’ll still need to decrypt the files which won’t be too easy.
Fortunately, you have a few options to choose from. BoxCryptor (our review) might be the most well-known for Dropbox, but Viivo is an alternative that looks good. A more general encryption solution that works well with Dropbox is TrueCrypt, though it has a bit of a steeper learning curve than the previous two apps. However, once you learn it, you’ll find that it’s pretty powerful. Check out our TrueCrypt guide if you want to delve deeper.
Use a Stronger Password
We’ve all heard it time and time again, but the safest practice still remains to use unique passwords for all of your accounts and to make sure those passwords are strong. Dropbox is no exception. In fact, using a universal and stagnant password is one of the most common security mistakes you could make and you leave yourself vulnerable by doing so.
Again, Dropbox isn’t the most secure cloud storage service out there. We’ve written about secure alternatives to Dropbox before, but for those of you who wish to stay with Dropbox for whatever reason (I’m still a Dropbox user), the tips above will help you maximize your account’s security. In the future, we can only hope that Dropbox continues to implement increased security measures.
How else do you keep your Dropbox account secure? Have you run into any issues regarding hacked accounts or intercepted files? Share your thoughts and experiences with us in the comments!