Is Dropbox Safe and Secure?

Addressing the safety and security of Dropbox means answering two questions in one. So, to avoid confusion, we’re going to address each question separately.  First, we’ll talk about how safe your files are against being changed or deleted when you store them on Dropbox (as opposed to your own computer or somewhere else).  Then, we’ll discuss how secure your files are from having other people accessing and tampering with them while they’re on Dropbox.

How safe is Dropbox?

When it comes to whether or not your files are safe from being changed or lost when you put them on Dropbox, the answer is “yes”.  Since you can access your files on Dropbox from multiple different computers or mobile devices, including from the Dropbox website itself, you will still have access to your files even if one of your devices breaks or otherwise has something go wrong with it.  And since they’re holding onto your files for you, it’s in the best interests of Dropbox to make sure that nothing unwanted happens to those files, in order for you to maintain your trust in them.

There is one wrinkle, however, and that’s if you share files or folders with other people.  If you share a file or folder with someone, they may change or delete it on you.  However, this isn’t as big of a deal as it sounds.  If you log into your Dropbox account on the website, you can revert a file to a previous version, or recover a deleted file/folder, as long as that file/folder (or version of it) is newer than 30 days.  You can extend this timeline — and use extra features that let you limit what other people can do with your files and folders — by upgrading your Dropbox account (see tip #3 below).  Or you could just not share certain files and folders (see tip #1 below).  If you need help, see these Dropbox articles on how to restore a previous version of a file and how to recover a deleted file.

Dropbox Safety Tips

1. Don’t put files with overly sensitive personal information on Dropbox.

It’s probably not a good idea to use Dropbox for storing things like account passwords, credit card information, or government-issued documents.  Besides the risk (low, but still potential) of someone else snooping on that information (especially if they end up in a shared folder), if they somehow get deleted from Dropbox, you might be in trouble.  It’s probably best if you store information like this personally, either in physical form or on a dedicated backup disk (see the last point).

2. Use the Dropbox website to manage who is able to do what with your files and folders.

You can use the settings available on the Dropbox website to remove yourself or others from a shared folder, so that you or other people can’t share files in that folder anymore.  You can also adjust the permissions of certain people with regards to a shared folder, so that they can see the files inside said folder, but can’t do anything with them.  However, this requires you to upgrade your Dropbox account (see the point below for more information).

3. Upgrade your Dropbox account.

If you get a subscription to Dropbox Pro or Dropbox for Business, you get more than just an increase in the amount of computer memory that you can use to store your computer files.  You also get added security features, such as the ability to set passwords and expiry dates for direct links to your Dropbox files, and the ability to delete Dropbox and all related information from a device in case it gets lost, stolen, or otherwise compromised.  You can also make it so that people whom you share folders with can see the files inside those folders, but can’t change them in any way.

See our Dropbox Pricing article for a full list of benefits of upgrading your Dropbox account.

4. Use a dedicated alternative backup disk.

If you’re still overly concerned about losing your files, what some people will do is put additional copies of their files somewhere other than Dropbox, such as on an external hard drive.  External hard drives are relatively inexpensive, and have a lot of memory storage space, and are easy to connect to your computer by using common U.S.B. technology.  Then, just copy your files onto the disk, and rearrange them however you want!  Though, for your purposes, this might be overdoing it.

How tight is Dropbox security?

As to whether your files and folders on Dropbox are safe from strangers getting at them and looking at what’s in them, the answer is “mostly”.  Dropbox regularly tests their system to make sure that it can keep thieves and other troublemakers out.  In addition, Dropbox locks your files with an encryption “key” when they are sent into and out of Dropbox, as well as when they are inside Dropbox.  This means that, even if someone else were able to get a hold of your files, they wouldn’t be able to find out what’s in them without that “key”.

However, we wouldn’t be being honest if we didn’t let you know that Dropbox has had a few security-related incidents in the past, most of which they have learned from, and used to fix and improve their system.  We should also mention that, since Dropbox stores the “keys” for locking your files instead of you, there are some security professionals who worry that this setup presents a security risk.  It might mean that Dropbox employees can access the content of your files (even though the Dropbox Privacy Policy states that they’re not allowed to except in very rare circumstances, like when they are required to do so by the law), or that an intruder might be able to read your files if they got a hold of Dropbox’s “keys”. 

See our Is Dropbox Private article for more information.

How to make Dropbox more secure

1. Use a strong password for your Dropbox account.

Though this one’s a bit of a no-brainer, it’s still worth mentioning.  Your account password is at least part of what keeps your files secure on Dropbox, so make sure that it’s a good one.  Use a combination of letters and numbers if you can, and even some symbols.  Also, try upper-case and lower-case variations of letters.  Try to make your password something that isn’t too hard to remember, but won’t be too easy to guess.  For example, instead of “baseball” as a password, try one like “[email protected]@11”.

Our How to Make a Strong Password tutorial has a full set of tips for making secure passwords.

2. Enable two-step verification on your Dropbox account.

This is a bit of an advanced tip that might be more of a hassle than a help, but if you have a mobile phone that can receive text messages or has a verification application installed, you can add an extra layer of security to your Dropbox account.  Two-step verification allows you to require both your password AND a randomly-generated six-digit security code in order to log into Dropbox, or connect to your Dropbox account from a new device.  If you’re interested, see this Dropbox help article for how to enable two-step verification.

3.  Use another program to lock your files before you put them in Dropbox.

Again, this is a very advanced tip that probably means overdoing things, but there are certain programs out there, such as AES Crypt, AxCrypt, and VeraCrypt that allow you to lock your files before you put them on Dropbox.  This means that, in the rare situation that a stranger gets a hold of your files on Dropbox, they’ll have to undo Dropbox’s locks on your files, as well as the locks that you put there, if they want to do anything with those files.  This kind of defeats the purpose of using the easy sharing features of Dropbox (since you or anyone else who gets the file has to manually unlock it, as opposed to Dropbox locking and unlocking it automatically), but it’s an option for making Dropbox more secure.