Locally encrypt Dropbox folder

I would like to encrypt the local copies of my Dropbox files, but not the online versions.

I have log on password protection (not BIOS) on my Windows 7 Ultimate laptop but that's easily circumvented by removing the hard disk and mounting it in another computer. If I lose my laptop, I want to make sure that any client information in my Dropbox doesn't fall into the wrong hands.

I'm not worried about the security of files in the cloud. I trust Dropbox to do a better job at securing my data than me. I also want to be able to access my files from my phone or from the web so encrypting files before uploading is not an option.

My question is: if I simply choose to encrypt the folder using Windows BitLocker encryption (in Folder properties > Advanced), does this fit my requirements? It seems to work but I haven't tried hacking it so I'd appreciate an informed opinion.

Tamlyn

Posted 2013-08-13T10:59:13.733

Reputation: 280

so you trust dropbox ha? That didn't turn so well after the last breach did it :) – AK_ – 2014-10-16T16:02:44.150

2Dropbox will sync the local copies. If the local copies are encrypted Dropbox will sync the encrypted copies with the cloud copies. Can you be specific what you have tried exactly? – Ramhound – 2013-08-13T11:08:25.630

4What you want is a Truecrypt drive (or folder!), lets say D: which is encrypted and not accessible without the correct password. In this drive you save your Dropbox folder e.g D:\Dropbox. After you have logged on, the drive gets decrypted and Dropbox sees all files in its folder without any encryption and so the synced online files are also non-encrypted. In short: Just switch your concept. First the encrypted folder, then the synced dropbox folder. – nixda – 2013-08-13T11:59:49.390

1Is there a reason why you don't want the other files on your storage drive to be encrypted and only worry about the files in your dropbox directory? Keep in mind that the dropbox application stores some settings in your user/AppData directory of which do not know how secure they are – kluka – 2013-08-13T12:01:57.977

1@nixda, you should put it as answer to the question. – VL-80 – 2013-08-13T12:07:19.167

"I have log on password protection on my Windows 7 laptop but that's easily circumvented"?? Your Win7 password is stored on disk! Or do you mean to say that it's a BIOS password and/or that it's a second (non-system) hard disk? Please edit your question. – Jan Doggen – 2013-08-13T14:46:56.853

@JanDoggen My understanding of Windows password protection is that it wouldn't stop someone with physical access to the disk from reading its contents unless (part of) the disk is encrypted with BitLocker encryption. Is this not the case? – Tamlyn – 2013-08-14T10:39:46.177

Misunderstanding. You meant 'any access' without logging in. Your understanding is correct. – Jan Doggen – 2013-08-16T13:11:07.930

Answers

BitLocker only encrypts the local copy. When the DropBox sync client goes to read the file, it's decrypted before DropBox can "see it", so the encrypted version is not transmitted to DropBox.

On a side note for anyone reading this, to expand and clarify the reasoning for using BitLocker (Windows Encryption). If you're not using any file encryption, an attacker could remove your Windows password (easy to do with the right tools) or mount your drive in another system and gain full access to your files without needing your account information. By using BitLocker, you defend against said actions and can still easily access your files without a ton of extra work.

Encrypting your files with an application like Veracrypt is in most cases way overboard and required both a lot of extra work and a lot of bandwidth as Dropbox and other cloud storage systems will have to download the entire container with every change. Veracrypt is a great tool but when dealing with files that don't require that kind of security it is overkill to use it. Bitlocker works just fine for protecting your files on your Windows OS.

Nicholas

Posted 2013-08-13T10:59:13.733

Reputation: 31

you can simply turn on bit locker encryption for the drive in which dropbox resides (if bitlocker is available atall with your version of windows 7 or you may try truecrypt) this way you will have a second layer of protection not only for the files in dropbox(local) but also other files in windows 7.this scrambles the data making it meaningless to anybody without a proper key.

and if you like you may use this link to add an extra layer of security to yor dropbx (online). better safe than sorry.

Ashildr

Posted 2013-08-13T10:59:13.733

Reputation: 2 574

Keep in mind that not all versions of Windows come with Bitlocker. See Bitlocker availability.

– happy_soil – 2013-08-13T13:04:09.353

I think this is more or less what I've done (I have Windows 7 Ultimate). Thanks. – Tamlyn – 2013-08-14T10:30:26.120

Switch your concept: First the encrypted folder, then the synced dropbox folder.

What you want is a Truecrypt folder, lets say D:\Non-encryptedfolder. All files inside that folder are encrypted and not viewable without a password. When someone stole your hard drive, he cannot just mount the drive and see your dropbox files.

Inside this TrueCrypt folder you save your Dropbox folder e.g D:\Non-encryptedfolder\Dropbox. After you have logged on, TrueCrypt de-crypts your Dropbox folder and so the Dropbox application sees all files without any encryption. This way, the synced online files are also non-encrypted.

nixda

Posted 2013-08-13T10:59:13.733

Reputation: 23 233

TrueCrypt is sadly no longer encouraged by their team. ( http://truecrypt.sourceforge.net/ ) Any alternative solutions?

– Chris Phillips – 2014-07-22T22:32:17.483