Apps and Installations
Have a question about a Dropbox app or installation? Reach out to the Dropbox Community and get solutions, help, and advice from members.
An option Dropbox can consider:
Password protect 'Selective Sync' option so we can safely selective-sync folders on our work(or public) computers without being worried about someone else syncing the whole folder in our absence?
As is Condition: Clicking 'Selective Sync' opens up a window to select the folders.
Proposed: Clicking on 'Selective Sync' option opens up an authentication window (2-step or whatever user's default is), before it even shows the folder hierarchy. This way our data can be secured on external computers.
Key Benefits: Well, the list is long but in simple world, nobody can actually get access to our entire Dropbox folder if we just synced one folder on it. People can then easily sync selected folders on selected machine (folder1 on machine1, folder2 on machine2 and so on...). The unlink feature doesn't really work in a scenario where the other person simply closes Dropbox application and remove the app all together. The data will still be available on the machine and unlink will be pending. User can never come to know what folders were synced before this happened (a big security threat).
Our Association uses Dropbox Pro for all its filing, downloaded on to desktops. How can we password protect the HR file so that sensitive information cannot be accessed by all users?
This software works well to password protect the Dropbox folder.
I put the Dropbox folder inside the hidden disk which is password protected.
If I restart the computer the disk is hidden again and the password is required.
To a handful of 'know it all' super users (I previously used an expletive but decided that wasn't appropriate but feel free to imagine the use of one) - stop shoving your 'use the user account' protection or 'it's the OS' problem' or 'you are mixing corporate with personal' opinion down everyone's throat. It's none of your business - we want a solution that does the following:
DROPBOX - we, the users, want the ability to password protect Dropbox files on a PC such as a timeout facility that requires a pin number to access the folder. See the problem definition and solution on the Sookasa website - that's exactly what we want except by Dropbox.
Created Windows VHD disk encrypted .. on my Work PC, password protected. Morning i will mount VHD (password). & later just un-mount VHD.
This can be automated with logon/logoff i guess. Yes VHD has my DB folders. Protect VHD file itself with Windows files security in case someone deletes it by mistake!
@Krishnendu and all.
I think we have driven the topic a tad off-track. Yes, protecting already synced files are OS thingy and not Dropbox's concern. Also, even I remove the files before giving the harddisk, there are ways to recover the data even if the harddisk is formatted! Isn't it? Until you are really smart and do a low level format. I think the concern (at least mine) was -
"Someone opens the Dropbox app and sync other folder which you didn't want to sync on that machine in first place". There is a difference in password protecting the available folders on the machine and password protecting the SYNC FEATURE in the app itself.
Dropbox is you care a bit, below will solve most of the issues:
PASSWORD PROTECT the Dropbox app on Windows machine. Let's see step 3 again
3. User B comes on the machine, open the Dropbox app and try to sync - It asks for the Dropbox password. Result! Bang, User A has just saved his @$$.
I think dropbox doesn't want to provide this feature coz then it would reduce the sales of Business Package. Buy more user licenses and then share, right Dropbox!?
First DB could secure the app from people playing with it. but dont, also they dont secure the web interface when you connect from the app so that would have had to be secured as well (I actually suspect something to do with the way they access the web prevents them from managing this, but have never looked to far into it)
ANYWAY... for windows users (likely other OS's can follow suit)
For anyone who wants to know how to secure the DB app from having its settings (YEAH ALL OF THEM!) changed and also denying access to the person using the machine the web interface... LIKE WHAT! the whole kit in one shot? Yeah thats right.
Well first understand that the DB app is NOT secured from the operating system user account that its setup for END OF LINE!, however it is secured from every other operating system account in the machine, including the Administrator accounts. (The boot floppy password hack might get around this, it might not as it resets the password)
So with that understood, you just have to consider how to secure the app from the REQUIRED account, and well there it is above, you secure it by placing it on a different (NEW) operating system user account.
1) Create a NEW operating system user, with password.
2) Create a central location for the Dropbox folder lets say C:\DB, and change permissions on the C:\DB folder so both this NEW user and the REQUIRED user have full access.
3) Install the DB app on this NEW user, and move the dropbox folder to C:\DB so its C:\DB\Dropbox, set selective sync as desired and turn off START AT SYSTEM START (which is actual start at user login, but db dont seem to understand the differnce).
4) Create a scheduled task that runs the DB app using the NEW user credentials at the true SYSTEM START, might want to delay in a minute for best internet readyness.
5) Reboot and login as the REQUIRED user, and add a short cut/library link to the C:\DB\Dropbox folder.
And and and .... hmmm done!
The NEW user account becomes the syncing account, and it places the files in the common permissioned folder so the REQUIRED user can gain access to them, read and write, while the NEW user behind the covers ticks along syncing. There is no DB app to be seen as its NOT running in the REQUIRED user profile.
PS: for doubters since there seem to be some these days, I have this going on a set of machines all syncing from one DB account. I have remote access to the machines and so when needed I can login as the "NEW" account and adjust the settings, the "REQUIRED" accounts dont even know whats syncing the files.
Problem Solved - i am amazed how much people drift from the core original question. The need to secure files and folders on dropbox from prying eyes who have access to the desktop or hard drive. The answer is simply to use Cryptomator. It's available for Windows and Mac and iphone (soon Android) . It encrypts at file level before cloud synchronised. So people can look at your local drive ot cloud dropbox folder and see nothing but 256 bit encrypted gibberish. So far it seems a faultless solution. The nice solution is that you can encrypt some dropbox folders and files amd leave others not encrypted. I could also suggest a belt and braces way of moving dropbox to a new folder and securing that folder with various security permissions outside of the user profile settings. But the dream is a simple answer to a genuine question - the answer is Cryptomator
I've recently been doing an audit of my machine with the premise that if I log in as not an administrator, I am able to ensure that there isn't access to certain resources without explicit password request. I think this is a reasonable scenario to consider given the current security scene. The recommendation, by security experts, that you don't run as administrator for everyday use speaks exactly to that scenario.
What would work for me would be to a) Ensure that my sync settings can't be changed without a password request, and b) ensure that no action I take in the Dropbox application can get access to my account without an explicit password request. The first has been suggested by someone earlier and I heartily endorse it. Doing so wouldn't compromise Dropbox's please experience, since we are used to settings being locked. As for (b) I note that i can (at least) select "Get More Space" from the Dropbox settings and be logged in to my account without being asked for a password. I would appreciate if that and any other similar loopholes should be closed.
Thanks for your attention.
The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.Sound good? Let's get started.
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on Twitter or Facebook.
For more info on available support options, see this article.
If you found the answer to your question, please 'like' the post to say thanks to the user!