19
3
I use dropbox a lot, and I'd like to start using my Dropbox account on my work PC, however I want to prevent anyone else from being able to access the files in my dropbox folder other than me on my work PC.
E.g. double clicking my dropbox asks for a password or something on my work PC.
Is this possible? If so, any suggestions?
John Hunt
Posted 2011-05-12T23:44:50.060
Reputation: 2 739
15
Password-protecting the folder won't really do a whole lot if they can just log in as an administrator and claim ownership of the directory themselves.
I'd suggest installing TrueCrypt, and using that to create a file-based encrypted volume. Then put your DropBox directory inside that, and only folks who know the decryption password can get to it.
Note that they could easily install a keylogger on your PC to learn your decryption password without your knowledge.
Also, the requisite disclaimer: Check with your IT department, and don't do anything contrary to established IT policy. Oftentimes organizations frown on personal use of work property (your PC) and resources (the bandwidth used to download from/upload to DropBox), so make sure you aren't violating any rules that could land you in trouble.
Kromey
Posted 2011-05-12T23:44:50.060
Reputation: 4 377
4
I would reccomend using this website:
It does not actually encrypt your files or protect them in any way at all, it just hides them. It seems to me like you don't really need any high level security here, you just don't want people going through your personal files, so this would work great. I use this on a public computer I use at school, and it works like a charm. With the folder hidden, even if someone clicks on the dropbox app, it won't open. Other people can access your data, but it will take more work that the average guy will be willing to put into it.
I realize this is a late addition to this post, but I figure that anyone searching for an answer will now be able to use this if they want.
Benny Richmond
Posted 2011-05-12T23:44:50.060
Reputation: 49
2Ugh. This "script" again. Its popped up a few times on SU. Its absolutely useless. It provides no protection whatsoever. – Keltari – 2013-06-14T15:18:29.443
1
Either password the dropbox folder on your hard drive with Lame Secure or unsync your computer to Dropbox & work thru the browser to upload files. OR down load Hide folders http://www.altomac.com/hide_folders/ & hide the Dropbox folder if using a mac.
Best I think is to use browser to get to from your Dropbox id security is an issue.
ollor
Posted 2011-05-12T23:44:50.060
Reputation: 11
It seems like part of your answer is a restatement of previous answers –– but you do appear to be the first to mention “Lame Secure” or Mac. Can you provide any more information on “Lame Secure” (e.g., a link)? – Scott – 2013-06-28T00:05:30.600
0
If your version of Windows supports it then you can use Windows' built-in encryption to encrypt the Dropbox sync folder access to that folder will require your Windows logon password, even if the administrator logs on to the machine they will require your password to look at the contents of the files (but not the file names themselves). Who can decrypt EFS files?
If the administrator resets your password then everyone will lose access to the contents of those files. So it's kind of fail safe.
More discussion here: Locally encrypt Dropbox folder
Matthew Lock
Posted 2011-05-12T23:44:50.060
Reputation: 4 254
0
Dropbox itself doesn't offer the functionality you're looking for. I was going to suggest using Dropbox Portable, but according to the forums it's been discontinued. You can simply use the web version on the computers that don't belong to you. Otherwise you'd need a third-party app to password protect the Dropbox folder.
goblinbox
Posted 2011-05-12T23:44:50.060
Reputation: 2 414
0
SecretSync is another option. It gives you a folder to drop things into that encrypts them before being synced by Dropbox. (Lifehacker review)
ale
Posted 2011-05-12T23:44:50.060
Reputation: 3 159
As of 2015 Sept, just to share that SecretSync is no longer available.. Had a 404 page not found error to its site and although life hacker review is there, the download link at end of page is dead : The requested URL /download/lifehacker/ was not found on this server. – Nasri Najib – 2015-09-25T14:40:34.753
0
I agree with @Kromey: Using TrueCrypt is the best solution I've found so far.
Get TrueCrypt (free), make a file-based encryption volume, mount it (as a separate drive), 'move' - Dropbox to this volume. Within TrueCrypt you can set this volume as a 'favourite' and get it to mount every time you log on (it will still ask for the encryption password first).
It works brilliant! The only slight issue is that, when you log in, Dropbox may start before TrueCrypt does in which case DB will throw an error saying it couldn't find the local files and will exit. Simply start DB again once your drive is mounted and it'll be happy.
0
After some digging around and a little bit of trial and error, I found out that the best way to lock your Dropbox folder is to install Folder Lock, put your Dropbox shared folder in it and remove the shortcut from your Favorites list in Windows Explorer (for Windows users only). Once it's locked, nobody will be able to access it, not even by clicking on the Administrator (users/yourname) shortcut. I haven't tried this option on a Mac.
galleguito
Posted 2011-05-12T23:44:50.060
Reputation: 1
0
The solution for you is to install Boxcrypter.
Boxcrypter is free and allow you to encrypt one specific folder in dropbox. In order to access this folder, you need to provide a password. Everything you have with high sensitivity needs to be moved to this specific secure folder.
You can use Boxcrypter in your work computer and even in your home pc/laptop.
Boxcrypter not only allows you to hide the content of dropbox to your boss, but to Dropbox support as well. If a hacker get access to your dropbox (even online), all the content inside Boxcrypter is unreadable. ONly you will get access.
caballo2000
Posted 2011-05-12T23:44:50.060
Reputation: 1
-1
Try this:
Finally, in the Dropbox folder of your computer it's going to show only the folders that you want to be synced.
Pedro Feliciano
Posted 2011-05-12T23:44:50.060
Reputation: 1
1This really doesn't provide a solution for the question though. The OP wants to password protect their folders and make them unreadable for others. – slhck – 2013-04-25T19:13:23.503
It's great to encrypt the folder but again, what stops the admin to reset your password and then go to Dropbox preferences, change the dropbox-sync-folder location and sync the whole lot in a non-encrypted folder? – Mehrad – 2017-11-06T01:31:06.033
I am the IT department ;) I work in a very small office with two other people. It doesn't need to be massive security, I just dislike the idea my boss could easily snoop through my personal files. – John Hunt – 2011-05-13T00:08:45.910
2Do you mean put the encrypted volume inside the Dropbox folder? – sblair – 2011-05-13T00:10:14.927
@sblair Nope, I mean the DropBox folder inside the encrypted volume. In this way you have to decrypt and mount the volume before any of the DropBox data is available. – Kromey – 2011-05-13T00:16:32.227
@Kromey Ok, but what if an "attacker" simply launched the Dropbox application? Dropbox would start syncing files to the local machine, completely bypassing the encryption container. I think it would be more secure to have a single file-based encrypted volume, containing all sensitive data, inside the Dropbox folder. – sblair – 2011-05-13T00:31:13.787
@sblair As I don't use Dropbox, I can't speak to the specifics of how it works, but I would be shocked (and appalled!) if there were no option to not remember a user's password to sync files -- i.e. you'd have to enter the password every time you launched the application. If Dropbox is incapable of doing this, I would have to conclude that it is inherently an unacceptable security risk. ...Just looked this up, and apparently Dropbox will remember your password automatically, with no option not to. Not cool, not safe, not secure. – Kromey – 2011-05-13T00:37:38.997
@Kromey In it's defence, there's no point asking for a password after booting/launching unless the files are already encrypted on the disk. – sblair – 2011-05-13T01:04:00.473
Still more secure than just having my files in c:\Documents\Dropbox or whatever.. I understand it's not great but I was just looking for a fairly easy way to keep the files hidden from plain view. You can actually log out of dropbox by clicking 'unlink this computer' – John Hunt – 2011-05-13T01:05:14.623
Plus I was keen on using truecrypt :) – John Hunt – 2011-05-13T01:05:49.633
Ok, so if dropbox can't find it's dropbox folder it doesn't log in and forgets your password - this means that as long as the truecrypt volume is mounted after dropbox starts it's quite secure. – John Hunt – 2011-05-16T22:32:23.673
@John Hunt Well, except for the fact that DropBox stores your username and password in a plaintext file that anyone could simply open and read at their leisure, independent of the application itself... – Kromey – 2011-05-16T22:57:10.087
@Kromey That problem has been addressed in version 1.2.
– sblair – 2011-05-17T19:57:34.417@sblair Unless that encrypted database is decrypted via the user supplying a password or key of some kind, it's little more than obfuscation of the database, and it's just a matter of time before someone decompiles Dropbox and figures out how to decrypt any arbitrary database. Sure, it'll keep out casual snoopers, but anyone who knows what they're doing won't be troubled by it (of course, those folks could easily just employ a keylogger anyway). – Kromey – 2011-05-17T20:39:31.927