How to avoid losing all my files when my Dropbox syncs to a compromised Dropbox account?

So I am trying to find a way to prevent a possible Dropbox doomsday scenario.

Say someone gets my dropbox login credentials. They log into the Dropbox web interface as me. They delete all my files. They change the account password. They change the account username/email. Lastly, they wait a few minutes to let my computer sync and then they unlink my computer from the account.

Later on in the day, I come back to my computer and my Dropbox folder is empty. All my Dropbox files, GONE.

Now, normally I can just open the dropbox menu and click launch dropbox website and open the web interface with no password. But I can't now because my computer has been unlinked. And I can't go to the web interface and restore them because the password has changed. I can't say I forget my password because my email/username has been changed. I am totally screwed.

This is the scenario I want to protect myself from.

I am thinking the only way to do this is making backups of my dropbox folder on a daily basis (with a cron tab task). That way if this scenario happens I will at least have the day-old data.

Any other ideas? Thanks.

harishtella

Posted 2010-09-29T03:39:20.770

Reputation: 351

4Use a better password? – Fake Name – 2010-09-29T04:17:19.423

10That's what backups are for. – Paused until further notice. – 2010-09-29T04:26:34.757

normally I can just open the dropbox menu and click launch dropbox website [..] I can't now because my computer has been unlinked. Back to your first assumption: how can the files get to be deleted from your computer then? So, did you check: is there any syncing after the password is changed only on the website? (Ah, maybe if they first delete the files, then wait until the first sync, then change the password.) I guess calling customer service will help... – Arjan – 2010-09-29T05:18:54.633

4Is there something unique about dropbox that would be cause for concern? This same scenario could play out with your email account as well, could it not? I back up my email over IMAP with getmail, so honestly I couldn't care less if someone cracked my account and cleaned everything out. My question is, why single out dropbox here? – Wesley Rice – 2010-12-17T04:51:17.600

Answers

Use SugarSync or SpiderOak to backup the same directory as dropbox.

Update 1/2017:
Plenty of options for other backup systems these days including self hosted ones like NextCloud.
Dropbox has an option for email notifications for new logins to alert you quicker to a problem.
Dropbox has 30 days un-delete if you can access the web interface. Pro has an option to extend that to one year.

Dropbox has added 2 factor auth to help prevent bad logins from ever happening in the first place.

There's also a number of hardware NAS solutions and external hard drives that can sync to dropbox, providing a number of ways - from an offline disk to a custom backup plan on a NAS to keep a snapshot of your files.

alpha1

Posted 2010-09-29T03:39:20.770

Reputation: 1 638

Maybe do a cron job to cp -R or rsync your Dropbox folder with another on the same machine. It may take up twice as much space but will be much safer just in case your "Doomsday scenario" were to occur.

Wuffers

Posted 2010-09-29T03:39:20.770

Reputation: 16 645

True, but this was kind of part of the question: I am thinking the only way to do this is making backups of my dropbox folder on a daily basis (with a cron tab task) – Arjan – 2010-10-24T13:16:15.757

If you don't mind the cost then you could backup to 2 places, one could be purely an online backup service along with drop-box.

This link could throw some light into alternate backup services.

And if you are real finicky about your backups, you could reserve and entire partition or a hard-drive to sync your matter locally, continuously and real time like what DropBox does. You can achieve this using Acronis True Image Home, or CrashPlan.

CrashPlan has a free version, but for continuous backup you need CrashPlan+ which a paid version.

CrashPlan+ offers continuous, real-time backup, stronger 448-bit encryption and web restore from CrashPlan Central.

Acronis has a 30 day evaluation period, but you need to pay for the software if you want to use it beyond the evaluation period.

Both these software also have an online storage option, naturally a paid for service though CrashPlan gives you this services free for 30 days.

rzlines

Posted 2010-09-29T03:39:20.770

Reputation: 7 006