Is Dropbox Secure? Everything You Need to Know
You may know Dropbox as one of the most well-known platforms for storing your files on the cloud. But just how secure is it?
If you upload your most precious files to Dropbox’s cloud storage, are they safe from hackers? What about rogue Dropbox employees?
In this article, we’ll explore how secure Dropbox is and what you can do to improve Dropbox’s security. As a bonus, we’ll also be listing three highly secure alternatives to Dropbox, just in case!
What is Dropbox Cloud Storage?
Launched in 2008, Dropbox is a cloud storage service that allows its users to store their data on its servers. Basically, you can upload anything that you wanted onto Dropbox’s servers, and they’ll keep it there permanently (until you delete those files, of course).
When they launched, they provided 2 GB of free storage to its users, offering an expanded 50 GB of storage for $9.99 per month. Today, Dropbox still offers 2 GB of free storage, but their $9.99 per month offer has ballooned from 50 GB to a massive 2 TB of storage.
Nowadays, Dropbox can even be used on iOS and Android, enabling users to access their files anywhere and anytime. What’s more, Dropbox’s services have also expanded to include file synchronization, collaboration, and backup services, among others.
Okay, But Is Dropbox safe?
Now, onto our main topic—just how safe and secure is Dropbox?
The simple answer to this is that, for most users, Dropbox is generally secure. However, Dropbox has been hacked before, as in October 2022.
Fortunately, the attackers were only able to access Dropbox’s copies of modified third-party libraries as well as “internal prototypes and some tools and configuration files used by the security team,” according to Dropbox’s report.
This means that the files, usernames and passwords, and payment information of Dropbox’s users were unaffected by this hack. Likewise, Dropbox’s infrastructure and core app code was also left unscathed by the 2022 hack.
How good is Dropbox’s encryption?
But what if a hacker was able to gain access to Dropbox’s servers? Luckily, they still wouldn’t be able to crack open your precious files—Dropbox uses AES 256-bit encryption, ensuring that if someone were to get their grubby little hands on your files, they’ll still need a key to decrypt them.
Dropbox’s security measures also extend to when you transfer files to and from your devices, as they use Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encryption protocols, which protect files in transit from those pesky man-in-the-middle attacks.
They also offer pretty reliable file recovery
Additionally, Dropbox also has a file recovery feature, which lets you restore any accidentally (or maliciously) deleted files on your account for up to 30 days. This further ensures that all of your personal files—be they old photo archives, massive office spreadsheets, or sensitive PDF documents—are safe from hackers, erroneous revisions and deletions, and viruses.
Is there room for improvement?
Despite these formidable security features, Dropbox has a pretty glaring issue: it doesn’t offer client-side encryption. For those who don’t know, client-side encryption simply means encrypting your files yourself before you even upload them to Dropbox.
Once it’s encrypted, you’ll need to assign a password that you’ll need to type in each time you want to access your encrypted file. Without this password, the file cannot be accessed in any way.
This is one of the strongest methods for securing your files, as it ensures that only you will have access to your files. Even Dropbox won’t know your password (and thus the way to decrypt your files), as it’s exclusive to you.
This may change soon, however, as Dropbox recently acquired Boxcryptor, a German cloud security company. This acquisition can help bring client-side, zero-knowledge encryption soon to Dropbox’s catalog of features.
For now, though, those that want the absolute best security via client-side encryption will have to look elsewhere.
Ways To Improve Security When Using Dropbox
Given this lack of client-side encryption, you may want to employ other means of boosting your security when it comes to Dropbox. Here are six of the easiest ways to instantly improve the security of your files on Dropbox:
- Use two-factor authentication
Enabling two-factor authentication is one of the easiest ways to level up your Dropbox account’s security.
One of the first (and easiest) things that you can do to improve your Dropbox security is to set up two-factor authentication (2FA). When you turn 2FA on, you’ll need another method to confirm your login.
For example, when you log in to Dropbox on your PC, you can choose to receive a text message or mobile app notification to validate your login. Making it so that any would-be attackers would need to have access to your phone before being able to access your Dropbox account. - Encrypt your files yourself
Why wait for Dropbox to implement client-side encryption when you can do it yourself?
We’ve mentioned that Dropbox doesn’t offer client-side encryption. What we haven’t told you is that you can simply do it yourself! For example, you can simply use the aforementioned Boxcryptor—which already integrates to work with Dropbox seamlessly, by the way—to encrypt your files before they are uploaded.
This encryption ensures that nobody other than you can access your files—just don’t forget your password! And on that topic… - Use strong passwords
Although this is one aspect of security that most people take for granted, you should always think carefully when it comes to your password. Simply using an easily searchable birthday or pet name in your password (and reusing that password across all of your accounts) just won’t cut it anymore.
But how are you supposed to remember all of these passwords? How are you going to come up with a new password each time you make a new account?
Don’t worry! All of these issues can be easily solved with a password manager, which will generate and store your passwords for you. Throw away those sticky notes—you won’t have to write each of your passwords down anymore! - Set up email notifications
Turning Dropbox’s email alerts on notifies you of any unauthorized logins or deletions.
Next up, you can turn on email notifications for your Dropbox account. By doing this, you’ll receive email updates whenever something changes in your Dropbox account, such as logins from unfamiliar devices or browsers, access from new apps, or when numerous files are deleted. - Check your linked devices
Linking your account across multiple devices helps you log in easier, but not removing those links can cause issues down the road.
If you’ve been using Dropbox for a long time, you may have used it across multiple computers, laptops, or phones. This results in a pretty long list of devices that are linked to your account, and each of these devices could be a potential vulnerability.
Fortunately, you can simply log out remotely from these devices. By clicking on the “Security” tab and checking the “Devices” list, you can simply click on the trash can icon next to the device that you want to be logged out of and then click on “Unlink,” effectively eliminating any vulnerabilities that may arise from these old devices. - Learn about remote wipes
What’s great about Dropbox is that it also allows for remote wipes. If your phone, laptop, or computer got lost or stolen, you can simply log in from a different device and then wipe your files from a specific device remotely, ensuring that whoever has your laptop or phone will be unable to access your files on Dropbox’s cloud.
3 Secure Cloud Storage Alternatives to Consider
One other easy alternative to improve your files’ security is to simply migrate to another cloud storage provider. But where do you start? There are literally hundreds, if not thousands, of cloud storage services nowadays, and not all of them may be secure.
Fret not! We’ve reviewed the best cloud storage platforms out there, and here are three alternatives to Dropbox that you’ll want to check out:
1. Nordlocker
Nordlocker is a cloud storage service that offers secure and private data storage. It’s a good alternative to Dropbox because it has the same features as regular cloud storage services (such as AES-256 encryption) but also comes with an expanded suite of security features to protect your files from hackers or other malicious users.
Unlike Dropbox, Nordlocker offers end-to-end, zero-knowledge encryption, which means that not even Nordlocker knows that you upload to its servers. What’s more, it also automatically backs up your files to the cloud, ensuring that your data is safe from malware, hackers, and accidental deletion!
Nordlocker offers all of these features at an extremely affordable price, which starts at $2.99 per month for a pretty hefty 500 GB of storage. It even offers 3 GB of storage for free, which is pretty handy if you want to test out Nordlocker’s beefy set of features.
2. Internxt
Internxt is another alternative to Dropbox that also offers end-to-end, zero-knowledge encryption in addition to its file-sharing and storage services. It offers a commitment to your files’ safety and privacy, and Internxt walks the talk.
It offers AES-256 encryption, even stating that “the most powerful processor in the world would need twice the age of the universe to decrypt a small file.” And, Internxt also complies with the European GDPR, furthering this commitment to the privacy and security of its users (and their files).
This commitment is taken very seriously by Internxt, as they’ve even been independently audited and verified by Securitum, which they tout as “Europe’s leading penetration testing company.”
Price-wise, Internxt is no slouch, either: it offers 10 GB of storage for free, and its paid options start at €0.89 (about $0.96) for 20 GB, which is quite frankly dirt-cheap for such a secure file storage service.
What’s more, Internxt also offers a pretty unique lifetime payment option: for a one-time payment of €149 (around $161), you’ll have a whopping 2 TB of storage forever, making it the perfect choice for customers who want long-term, highly secure cloud storage.
3. Sync.com
Sync.com is yet another highly secure alternative to Dropbox. Like the other previous storage services that we’ve listed, Sync also offers zero-knowledge encryption alongside their other touted features, which all come wrapped up in a simple, user-friendly interface.
These features include support for Mac, Windows, and mobile devices, custom-branded file portals for sharing files with other businesses, real-time backups, and Sync CloudFiles, which lets you access your files on the cloud directly via Windows Explorer or Mac Finder—no browser logins or extensions needed!
When it comes to pricing, Sync doesn’t pull its punches: it gives you 5 GB of storage for free, with paid options starting at $8 per month for a massive 2 TB of very secure cloud storage.
Don’t Drop Dropbox Just Yet!
And that’s it! To be honest, Dropbox’s security features are enough for most people. If you’re just using it to keep old, non-work-related files, then Dropbox’s security measures are enough for your needs.
However, if you want the absolute best when it comes to security for your cloud-based files (be they highly sensitive or otherwise), you’re going to have to use client-side, zero-knowledge encryption to secure your files. Luckily, with the three alternatives that we’ve listed, you’ll be able to do just that (and even save some of your hard-earned cash)!
