Securing Dropbox: 6 Steps To Take For Safer Cloud Storage

Joel Lee 01-10-2013

If you use Dropbox, you may be in for some startling news. Despite the fact that Dropbox was the first to bring cloud storage to the masses, it’s widely accepted that Dropbox is no longer the best of its class. One big drawback is that the vanilla Dropbox isn’t very secure, which can be problematic if you’re storing private or sensitive data on your account.  But don’t give up on Dropbox yet! With a bit of effort, you can make it more secure.


Keep in mind that this talk of security is in the context of account security so that no one else can intercept or hack into your files. As far as the NSA and the PRISM project What Is PRISM? Everything You Need to Know The National Security Agency in the US has access to whatever data you're storing with US service providers like Google Microsoft, Yahoo, and Facebook. They're also likely monitoring most of the traffic flowing across the... Read More are concerned, it’s highly doubtful that any of the following steps will prove effective as that’s an issue more core to the Internet than Dropbox itself.

Two-Step Authentication

Last year, Dropbox implemented the ability to use two-factor authentication, a type of log in method that involves more than just a password. As the name implies, this form of log in requires at least two independent steps to verify that you indeed have access to an account. Dropbox’s two-step authentication requires you to enter a password, then Dropbox sends a verification code to your phone.


To enable two-step authentication in Dropbox:

  • Log into your account normally.
  • Click on your account name at the top right and select Settings.
  • Click on the Security tab.
  • Under Account sign in, find Two-step verification and click Enable.
  • Follow the instructions to set it up!

Enable Email Notifications



Email notifications can be a pain, especially when they’re sent out more frequently than spam, but in this case I think you can make an exception. If you enable the feature, Dropbox will shoot you an email whenever a new device or a new app is connected to your Dropbox account. This feature could come in handy if someone tries to tamper with your account by making some sort of rogue connection to view or pull data.

Of course, in most cases, the one making a connection would need permission from your account to connect in the first place, which means they could probably disable the notifications before making their move. However, they could always forget, which means you’ll be notified if someone tries to do something sketchy.

Enable Selective Sync


Selective Sync is a feature of Dropbox that allows you to select which folders you want to keep synced with your account. Sounds pretty straightforward, right? For the most part, Selective Sync isn’t so much a security feature as it is a convenience and organizational feature, but it can be used to minimize exposure.


For example, say you keep your desktop, your laptop, and your tablet synced with Dropbox. If all of your devices were 100% synced all the time, then what would happen if your laptop or tablet were stolen? The thief would have access to every file. However, if your laptop only keeps a particular folder synced and your tablet only keeps a different folder synced, the thief would only have access to whatever is kept synced on that device.

Combining the Selective Sync feature with the Unlink Device feature (mentioned below), you can minimize accidental exposure of files in these kinds of situations.

Unlink Extraneous Devices and Apps


Whenever a device or app makes a connection to your account, Dropbox tracks it. Under the Security tab of the Settings page, you can view a list of all devices and apps that currently have permission to access your Dropbox account. This is, of course, very useful when you want to cut off someone’s access since they can’t reconnect without your account credentials.


This can come in handy with Selective Sync. Say your laptop syncs with a particularly sensitive folder but it was stolen while you were in the café bathroom. You could drive home, log onto Dropbox, and unlink your laptop from your account, which cuts off the thief from accessing any more data. They’ll still have whatever local files are on the laptop, but at least you can cut your losses here.

Use an Encryption App


Perhaps the strongest way to improve your Dropbox account’s security is to start using a third-party encryption app. What’s that, you ask? It’s a program that will keep your files encrypted on the fly without requiring you to do much of anything. Encryption is good because even if someone happens to intercept or hack into your account, they’ll still need to decrypt the files which won’t be too easy.

Fortunately, you have a few options to choose from. BoxCryptor (our review Encrypt Your Dropbox Files With BoxCryptor Dropbox is a great service, but its security track record is nothing to be proud of. We’ve previously written about encrypted alternatives to Dropbox, but let’s be honest -- Dropbox stands out among cloud storage... Read More ) might be the most well-known for Dropbox, but Viivo is an alternative that looks good. A more general encryption solution that works well with Dropbox is TrueCrypt, though it has a bit of a steeper learning curve than the previous two apps. However, once you learn it, you’ll find that it’s pretty powerful. Check out our TrueCrypt guide TrueCrypt User's Guide: Secure Your Private Files To really keep your data safe, you need to encrypt it. Not sure how to start? You need to read our TrueCrypt user manual by Lachlan Roy, and learn how to use TrueCrypt encryption software. Read More if you want to delve deeper.


Use a Stronger Password


We’ve all heard it time and time again, but the safest practice still remains to use unique passwords for all of your accounts and to make sure those passwords are strong. Dropbox is no exception. In fact, using a universal and stagnant password is one of the most common security mistakes 5 Common Security Mistakes That Can Put Your Privacy & Money At Risk How vulnerable are you? Ask any person who’s been robbed if it came as a surprise - I guarantee you it did. As the saying goes, the thief always comes in the night when you’re... Read More you could make and you leave yourself vulnerable by doing so.


Again, Dropbox isn’t the most secure cloud storage service out there. We’ve written about secure alternatives to Dropbox Secure Your Files: 3 Encrypted Dropbox Alternatives Dropbox brought cloud-based file synchronization and storage to the masses, but it's been hindered by high-profile security problems. Fortunately, you have another option — an alternative service that secures your files with local encryption and... Read More before, but for those of you who wish to stay with Dropbox for whatever reason (I’m still a Dropbox user), the tips above will help you maximize your account’s security. In the future, we can only hope that Dropbox continues to implement increased security measures.

How else do you keep your Dropbox account secure? Have you run into any issues regarding hacked accounts or intercepted files? Share your thoughts and experiences with us in the comments!

Image Credit: Key lock Via Shutterstock, Data Encryption Via Shutterstock, Password Field Via Shutterstock

Related topics: Cloud Storage, Dropbox, Encryption, Online Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Kelly garcia
    March 17, 2014 at 10:24 am

    I could agree more about the article that you have written but if you look widely there are many more software which are taking over so many current software in market.
    I have been using encryption methods since 10 years almost and have used almost every software.
    Recently i have been using #dataprotecto for online cloud storage which is giving 500 mb free space also and turning out to be a great cloud storage software.

  2. Faith
    February 24, 2014 at 9:28 pm

    Dropbox now states that your files are encrypted on Amazon's S3 servers.
    You recommended using 3rd party encryption apps. Why are they needed if Dropbox uses Amazon's encryption? Thanks!

    • jdh
      January 21, 2015 at 11:29 pm

      Did you ever get a reply to this? I have the same question.

  3. Gregori G
    November 5, 2013 at 3:36 am

    I liked the way Viivo wroks. I decided to use it, it says the encryption occurs on the client side (your own computer), so everything you drop in the Viivo folder is Encrypted and uploaded to Dropbox (now it supports other services like Box, Google drive, and others).

    Once encrypted, the files are decrypted on your other computers, where you must have Viivo too. Also has Android and iOS apps.

    Im giving it a try.

  4. Carla
    October 29, 2013 at 10:29 am

    I agree that Dropbox was the first one which offered such kind of services, but at the moment there are more companies which can give even better services with additional features .e.gAcronis , which has cloud storage and backup at the same time. Besides, the security is important. Acronis is good in the means of security protection.

    • Joel L
      October 31, 2013 at 9:13 pm

      I haven't heard of Acronis but I'll give it a look. Thanks!

  5. So Yeaaa About That Issue
    October 13, 2013 at 2:58 am

    The past few days I've become more aware of the lack of security on Dropbox. I've been a Dropbox user for about 2 years now. What gets under my skin is that Dropbox promotes sharing folders but has literally no way to lock a folder. You can right click it, there's no option. I've searched the obscure so called knowledge base they have, and came out with 0 results. I'll be switching sometime soon. Once I've found a cloud service that feels a bit more secure than Dropbox.

    • Dennis C
      October 15, 2013 at 1:23 am

      So would you like to elaborate? Enlighten Us!

  6. Freedom Fighter
    October 3, 2013 at 5:31 am

    I use Cloudfogger encrypt it gives me a convenient experience.
    Cloudfogger with Boxcryptor difference where?

  7. Hildy J
    October 1, 2013 at 8:59 pm

    While purpose built encryption apps are great within a closed ecosystem, sometimes you need broader access (for you or others) from systems that don't or can't have a client installed.

    I recommend putting your files in encrypted zip files before uploading. Almost any device can decrypt zip files and you save space.

    • Joel L
      October 4, 2013 at 2:15 am

      That's a good point. I think TrueCrypt works like that!

  8. Abhishek R
    October 1, 2013 at 6:38 pm

    @joel lee

    I have some documents which are not so important for me like previous session/class notes, receipts of online bil payment and some others. What i want is a service where i can easily upload(mind upload and not sync) so that whenver i need them i will download them BECAUSE THEY ARE CLUTERING THE MINAMALISM OF MY COMPUTER AND I NO LONGER WANT THEM ON MY COMPUTER. secondly the service should take the whole folder for uploading and not a single file one after one and one more thing (based on whatever you suggest an software or website) it should have the ability to detect that folder for new files to be uploaded.

    • Joel L
      October 4, 2013 at 2:14 am

      Using the Selective Sync feature, Dropbox fulfills those three requests.

      1) You have a central Dropbox account on which you can upload and download files. You can use this without ever using the sync feature, if you wanted.

      2) Dropbox allows you to drag-and-drop both files and folders to upload them to the central account.

      3) With Selective Sync, Dropbox will keep whatever files and folders synced across multiple devices. You can set Selective Sync on individual devices to determine which files and folders you want to keep synced on that *particular* device, too.

      I hope that answers your questions.

  9. Dinatekno
    October 1, 2013 at 4:34 pm

    I've used Viivo for over a year. It's integration is tight easy to use.