Securing Your DropBox & Password Management – My Tips on the best ways to do it!

Andrew LeniartIT Professional, Freelance Journalist, Certified Editor
IT Professional - Helping others to help themselves. &
Most folks would know the basics of how Dropbox works, so that’s not the purpose of this article. Security is what it’s all about, so here I’ll share how I choose to secure my Dropbox Account and the Data it contains.

Despite a ton of articles on the web advising that Dropbox is not a backup service, many people choose to use it as such. That’s not a very good idea because if your account is hacked, then ALL of your system data is up for grabs to the hacker(s).

However, even if you just use Dropbox to back up a few folders on your PC, like your Documents, Picture or Music folders and such, you still run the same risks on whatever you choose to keep in there. For this reason, it’s important to take some basic measurements to protect your data.  This article explains how -I- choose to secure the data I keep in my Dropbox account.

The First Steps

Signing up for a Dropbox account is easy. You only need supply your email address, choose a username and password.  It’s the password step that a lot of people fail to give enough consideration to. They choose easy passwords, get hacked and then blame the service for being crap.  

I suggest you select a password that’s at least 12 characters long, has UPPER and lower case letters, at least 1 number and at least one upper character such as !#@%$.  

Consider a password such as H$sStU343v!2 – A strong password, but how do you remember something like that? Well, the answer is that it's almost impossible for most of us!

I believe the reason a lot of people choose not to use a strong password like the example I gave above is that its nearly impossible to remember it. That’s why it’s important to have a Password Management tool.  

Password Management Tools

There's a ton of Password Management tools, both free and paid versions available and everyone will have their favourite and swear by it. 

My own personal favourite is Roboform and I have it installed on every PC and Mac I own, including my smartphone. Like most of the other offerings, you only need to remember 1 strong password and Roboform will do the rest. The links provided will download the current version of Roboform direct from the manufacturer's website and provide you with a way to check it out with a fully functional 30 Day Trial.

Once you have it installed, you can create a type of favourites bar within it and with one click once you've unlocked it with your Master Password, it will take you to the login page, insert your details and log you in.

It has a ton of features, but here's a sample of what my own login screen looks like...

That's only the first page. I have at least that many on a second page and all of those links automatically sync with my Roboform web account and are available on all my computers and devices.  Along with saving passwords for your Web Site logins, it can be used as a simple password management tool, a place where you can create safenotes that you want password protected along with a host of other features. 

If I'm on a computer that belongs to someone else or a public computer, then by using an incognito browser mode, I can log into my Roboform web account and all of my details and logins are instantly available to me. An excellent password management tool that allows me to use super strong and different passwords on every website and a tool that I honestly couldn't live without these days.  

So that's the importance of complex passwords and how to manage them. You should of course always use a different password on every site you log into so in the event that you still get manage to be hacked, the damage is limited to the one site - in other words, never use the same password on two or more different websites.

Securing the inside of your Dropbox Account

Despite Dropbox's assurances that it uses the very best practices to secure your data, like any site, it can still be hacked.  Hackers breaking into sites like Online Banks, NASA and other Government agencies in the past (in my opinion) proves that point beyond a shadow of a doubt. So what can you do to protect yourself against that sort of occurrence?

Depending on the level of protection you want and the amount of paranoia you personally might have, there are a few things you can do to beat the hackers.  The most obvious is data encryption, using something like Boxcryptor to encrypt all of your data on your DropBox account, thus when it's uploaded (or synchronized) with Dropbox, it's then in an encrypted form that the hackers can neither read or crack.  Boxcryptor is Free for non-commercial use.

Something like Boxcryptor is well worth considering using if you tend to keep a lot of sensitive data on cloud storage services.

Read all about the benefits of Boxcryptor | Security for your Cloud here.

Finally, one of the best ways to protect your Dropbox account is to Enable two-step verification on your Dropbox account.  This to me is a must and I use it on every website that has the service available. A help page on Dropbox two-step verification can be read on this page. Enable and use it on your existing account or any new one you may create - it costs nothing and makes your account so much harder to hack that the hackers will likely just move onto the next account that doesn't have that type of protection enabled.  

I use a Basic Dropbox account as it provides for all of my current needs.  Paid Plus and Professional accounts offer even more features.


I hope this article has at least made you think a bit more about securing your data in the cloud.  Remember, you may have a lot of sensitive data in Dropbox, so it pays off to spend a little time to secure it as best as you can.

Till the next time...

Andrew LeniartIT Professional, Freelance Journalist, Certified Editor
IT Professional - Helping others to help themselves. &

Comments (2)

Thomas Zucker-ScharffSenior Data Analyst

I figured that was the reason - especially since password management was really a side note.  BTW, I now use StickyPassword.  I have found that the worse part of Roboform was that it didn't completely transfer all passwords/passcards/whatever when I exported them.  I do like some of the features of Dashlane, and probably would use that instead if SP didn't offer such a great deal (it was because I was using some other software - don't remember which - and they gave all their users a lifetime membership to SP).
Andrew LeniartIT Professional, Freelance Journalist, Certified Editor
Author of the Year 2019
Distinguished Expert 2020


Hi Thomas, thanks for mentioning the other password managers that you use.  I currently have licenses for Roboform, Avast Password and now 1Password.  I'll generally install a trial to a software product and use it for a short time.

If I don't like it I get rid of it, if I do like it, I'll generally buy a license/subscription to it to unlock all features as 1 reason, but also to encourage the developers to keep working on the products.  Purchasing licenses by registering them to my company gives me a tax benefit as well so it's all good. Just don't tell my missus that's one of my habits! lol  :-)


Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.