Dropbox, like most cloud file services, helps millions of people store their files in the cloud, share them with their friends, and access them from all their devices.
While such services provide a lot of flexibility, it is important to feel safe that your files will not be lost or stolen. In the following sections, we see if Dropbox is secure and if there are any Dropbox security risks while using this service.
What is security in Dropbox?
Dropbox is designed with multiple features in order to make sure your data is safe and secure! It provides many layers of protection to ensure no third party will have access to your data without you providing it.
Let’s explore all the different layers of Dropbox security and controls you can enable to feel safe and trust the integrity of your files.
Dropbox account security
Dropbox supports a wide range of features to help you secure your account and make sure that no unwanted third party will have access to your files.
Dropbox password-protected login
The first and most important feature to secure your account is a password-protected login. By creating a unique and strong password, you can make sure no one other than you will have access to your personal files. Dropbox suggests changing your account password regularly and will remind you to do it. They also provide the “Dropbox Passwords” tool which can help you create and save all your account logins, security codes, and payment cards, and sync them across your devices.
Dropbox breach monitoring
Dropbox passwords tool comes with another great feature called “breach monitoring”. With Dropbox Password breach monitoring, you can opt in and get notified when an account linked to your email address has been exposed on the web.
Dropbox multi-factor authentication
The last but not least feature to increase security in Dropbox is multi-factor authentication. Dropbox uses MFA as an extra layer of security for your account. You can link your mobile phone or a mobile app like Google Authenticator so you can receive a six-digit security code every time you try to log in. This will make sure that no third party will be able to log in to your account without this security key.
Dropbox is a very convenient way of sharing files. You can generate a unique link and share it with your friends so they can access a particular file or folder without them having a Dropbox account.
The public Dropbox link usually has the below format (without spaces):
https: //www.dropbox. com/s/adf155as45w6mnjy/
The generation of such links is following the approach “Security Through Obscurity”. This approach ensures that the generated link is unique and completely random, which means that no one can guess the link.
While this doesn’t ensure that no unwanted third party can have access to this link, it makes it really difficult for someone to guess it. Brute-force attacks (someone trying all different combinations of characters) are really resource-heavy and without a standard pattern (standard characters or link length), it’s not worth trying.
In any case, if you’re still not feeling that safe, you can request your peers let you know as soon as they have accessed and downloaded the file. Then you can disable the shared link and create a new one if needed.
Dropbox file security
Here comes the most important part! Is there any Dropbox security vulnerability about your files or how well are they secured within Dropbox? There are two ways that Dropbox helps you secure your files.
Dropbox file encryption
Dropbox files are stored using 256-bit Advanced Encryption Standard (AES). 256-bit AES encryption supports the largest bit size key length and is practically unbreakable based on current computing power. Using 2 billion high-end computers, it would need 13,689 trillion trillion trillion trillion years to break a 256-bit AES encryption via a brute-force attack. As you can imagine, there is simply no way for someone to decrypt your files even if they have access to Dropbox servers.
Dropbox file version restore and recovery
Besides encryption, another layer of security in Dropbox is Restore and Recovery. If you accidentally delete a file or save a new version of a file that you’re not happy with, Dropbox can help you recover it. Dropbox stores copies of your deleted files and old versions for a certain period of time and provide you with the ability to instantly recover one.
Extra backups outside of Dropbox
In order for you to add an extra layer of security of Dropbox when it comes to files, you can use a third-party tool to create additional backups outside of Dropbox. Coupler.io is such a tool that will help you seamlessly connect Dropbox to Excel, Dropbox to Google Sheets, or Dropbox to Google BigQuery. So, you’ll be able to automate the backup of data from your CSV and Excel files on a custom schedule. This can be as easy as follows:
- Sign up to Coupler.io, then click Add new importer.
- Select Dropbox as the source and the destination app, for example, Google Sheets.
- Then you’ll need to connect your Dropbox account and select the files to be backed up.
- After that, select where to load the data from the chosen Dropbox files.
- The last step of this extra Dropbox security method is to schedule your exports so that the backups are done automatically.
Dropbox vault security
The last layer of security in Dropbox for your files is a feature called Dropbox Vault. This lets you create a specific folder in Dropbox that will contain your most sensitive files. This folder (or vault) is protected with an extra password or PIN and can’t be opened or accessed by third-party apps. However, you can share this folder with a set of trusted contacts to mitigate your Dropbox security concerns.
This feature is currently available to users on the Dropbox Plus, Professional, and Family plans. To create the vault:
- Sign in to dropbox.com.
- Click your profile in the top-right corner.
- Click Settings.
- Click the General tab.
- Under Features, next to Vault, click Set up. A setup window will open.
- Click Next.
- Type a PIN and click Set PIN.
Voila! Now your vault is created and it is protected by your provided PIN.
Are there any Dropbox security issues?
Like many tools and services on the internet, there have been some Dropbox security issues in the past. These issues have been resolved but let’s see what happened.
Dropbox security breach
On August 25, 2016, in a post within their blog, Dropbox announced that 68 million user email addresses with hashed passwords have been exposed.
Dropbox performed a deep investigation on the matter and found out that the report was indeed legitimate. This incident seemed to affect only accounts created before mid-2012.
Based on the investigation, there was no indication that user accounts have been improperly accessed and the passwords were hashed. All users were immediately notified and, as a precaution, Dropbox proactively reset their passwords to keep their files safe. This was the largest of the known Dropbox security issues so far.
Dropbox security risks
As with any online service, using Dropbox to store your files comes with a risk. Dropbox has been designed from the ground up to support multiple layers of security and help you keep your files safe and secure.
Moreover, Dropbox has a dedicated security team that works to protect and monitor the service while they keep implementing additional security features.
Dropbox security for business
Besides the layers of protection, Dropbox has developed additional tools for control and visibility. They have a dedicated Dropbox Business plan that empowers business administrators to protect all user accounts across various interfaces.
They also provide the Dropbox Business API that allows partner integrations so that businesses can map their specific IT processes to Dropbox.
Should I use Dropbox?
Having said all the above, Dropbox is a secure and trusted service for millions of individual users and businesses. They have implemented many layers of protection to ensure your file’s safety and integrity.
Their dedicated security teams have been updating the service over the years, making sure that it follows the latest security standards. If you’re thinking about whether Dropbox is the right tool for you, then security is one of the reasons you might want to consider it.Back to Blog