security - Dropbox: How to password protect files and folders and maintain accessibility?
2014-04
Stephen
I'm aware that there is a similar thread on this subject, but I don't think that situation is similar to mine because the solution that was reached will not work for me. In that scenario, using TrueCrypt, one secures the files but then they are not usable while they are secured and hiding the files doesn't make them accessible to the rest of the team. The only thing that I have been able to come up with so far is to teach everyone how to use WinRar and to unzip and rezip (password protected) with every use of every files (sounds tedious, right?)
Anyway, here' my situation:
I'm working on a research project that involves highly sensitive information. There is the head of the project who "hosts" all of the files on dropbox and then there is his research team who all have dropbox installed on their personal laptops with access to these files. We all understand that it's important to keep laptops secured with passwords, but in the event that someone accidentally leaves their computer on and signed in and walks away from it, we would like to protect all of the files in dropbox so that they are password protected. Basically, we want to take the burden off of the operating system and the operator, and make all files secure in and of themselves.
Goals:
All files must be password protected All files must be accessible at all times by all team members We would like this to be a seamless process in which no one has to mess around with encrypting or mounting/unmounting, just a simply password entry to gain access each time you want to open the file or folder.
So, again, is there any feature in dropbox that will allow me to password protect all files and folders, or even just select files and folders? If not, is there a good third party program that works well with dropbox to accomplish these goals?
If this is not possible, is there a program that is like dropbox but has this feature?
Thank you.
bkr
I wouldn't think so because the files exist locally on the hdd. If the dropbox process was terminated they'd still be on the local disk and accessible so you couldn't rely on dropbox to enforce passwords.
The approach I would take is
a) full disk / system encryption with truecrypt (if device gets stolen)
b) password locking of systems when unattended for x minutes / hibernate after y
c) if worried about the security of files within dropbox - something like http://stefanstools.sourceforge.net/CryptSync.html - encrypt individual files / filenames within dropbox mirrored to local unencrypted folder (that would be protected with true crypt full disk)
Justin Ethier
In modern zip utilities like 7zip, you can specify a password when creating a .ZIP file. But, how secure is this? What encryption algorithm(s) are used to secure password-protected zip files?
8088
7-zip uses AES-256 encrpytion for 7z/zip archives.
http://7-zip.org/7z.html says:
7-Zip also supports encryption with AES-256 algorithm. This algorithm uses cipher key with length of 256 bits. To create that key 7-Zip uses derivation function based on SHA-256 hash algorithm. A key derivation function produces a derived key from text password defined by user. For increasing the cost of exhaustive search for passwords 7-Zip uses big number of iterations to produce cipher key from text password.
The help files of 7-zip says this about the security of a passworded 7z file:
Josh K
Brute force attacks are a waste of time. I won't go into details why, I will instead direct you to Jeff Atwood's blog, he has an excellent post.